mirror of
https://github.com/bitnami/charts.git
synced 2026-03-06 06:58:50 +08:00
[bitnami/kong] Set usePasswordFiles=true by default (#32109)
* [bitnami/kong] Set `usePasswordFiles=true` by default Signed-off-by: Miguel Ruiz <miguel.ruiz@broadcom.com> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Use .Values.usePasswordFiles instead Signed-off-by: Miguel Ruiz <miguel.ruiz@broadcom.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Miguel Ruiz <miguel.ruiz@broadcom.com> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com>
This commit is contained in:
Miguel Ruiz
@@ -1,8 +1,12 @@
|
||||
# Changelog
|
||||
|
||||
## 15.3.0 (2025-02-21)
|
||||
|
||||
* [bitnami/kong] Set `usePasswordFiles=true` by default ([#32109](https://github.com/bitnami/charts/pull/32109))
|
||||
|
||||
## 15.2.0 (2025-02-20)
|
||||
|
||||
* [bitnami/kong] feat: use new helper for checking API versions ([#32053](https://github.com/bitnami/charts/pull/32053))
|
||||
* [bitnami/kong] feat: use new helper for checking API versions (#32053) ([28a9be8](https://github.com/bitnami/charts/commit/28a9be8cc91b30bae601544cc0500f7534c3a663)), closes [#32053](https://github.com/bitnami/charts/issues/32053)
|
||||
|
||||
## <small>15.1.3 (2025-02-19)</small>
|
||||
|
||||
|
||||
@@ -43,4 +43,4 @@ maintainers:
|
||||
name: kong
|
||||
sources:
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/kong
|
||||
version: 15.2.0
|
||||
version: 15.3.0
|
||||
|
||||
@@ -249,6 +249,7 @@ As an alternative, you can use of the preset configurations for pod affinity, po
|
||||
| `commonLabels` | Common labels to add to all Kong resources (sub-charts are not considered). Evaluated as a template | `{}` |
|
||||
| `clusterDomain` | Kubernetes cluster domain | `cluster.local` |
|
||||
| `extraDeploy` | Array of extra objects to deploy with the release (evaluated as a template). | `[]` |
|
||||
| `usePasswordFiles` | Mount credentials as files instead of using environment variables | `true` |
|
||||
| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` |
|
||||
| `diagnosticMode.command` | Command to override all containers in the daemonset/deployment | `["sleep"]` |
|
||||
| `diagnosticMode.args` | Args to override all containers in the daemonset/deployment | `["infinity"]` |
|
||||
@@ -482,7 +483,6 @@ As an alternative, you can use of the preset configurations for pod affinity, po
|
||||
| `postgresql.auth.password` | Password for the custom user to create | `""` |
|
||||
| `postgresql.auth.database` | Name for a custom database to create | `kong` |
|
||||
| `postgresql.auth.existingSecret` | Name of existing secret to use for PostgreSQL credentials | `""` |
|
||||
| `postgresql.auth.usePasswordFiles` | Mount credentials as a files instead of using an environment variable | `false` |
|
||||
| `postgresql.architecture` | PostgreSQL architecture (`standalone` or `replication`) | `standalone` |
|
||||
| `postgresql.primary.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if primary.resources is set (primary.resources is recommended for production). | `nano` |
|
||||
| `postgresql.primary.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
|
||||
@@ -502,7 +502,6 @@ As an alternative, you can use of the preset configurations for pod affinity, po
|
||||
| `cassandra.dbUser.user` | Cassandra admin user | `kong` |
|
||||
| `cassandra.dbUser.password` | Password for `cassandra.dbUser.user`. Randomly generated if empty | `""` |
|
||||
| `cassandra.dbUser.existingSecret` | Name of existing secret to use for Cassandra credentials | `""` |
|
||||
| `cassandra.usePasswordFile` | Mount credentials as a files instead of using an environment variable | `false` |
|
||||
| `cassandra.replicaCount` | Number of Cassandra replicas | `1` |
|
||||
| `cassandra.external.hosts` | List of Cassandra hosts | `[]` |
|
||||
| `cassandra.external.port` | Cassandra port number | `9042` |
|
||||
|
||||
@@ -117,9 +117,9 @@ spec:
|
||||
- name: KONG_DATABASE
|
||||
value: {{ include "kong.database" . | quote }}
|
||||
{{- if (eq .Values.database "postgresql") }}
|
||||
{{- if .Values.postgresql.auth.usePasswordFiles }}
|
||||
- name: KONG_POSTGRESQL_PASSWORD_FILE
|
||||
value: {{ printf "/bitnami/kong/secrets/%s" (include "kong.postgresql.databaseSecretKey" .) }}
|
||||
{{- if .Values.usePasswordFiles }}
|
||||
- name: KONG_PG_PASSWORD_FILE
|
||||
value: {{ printf "/opt/bitnami/kong/secrets/%s" (include "kong.postgresql.databaseSecretKey" .) }}
|
||||
{{- else }}
|
||||
- name: KONG_PG_PASSWORD
|
||||
valueFrom:
|
||||
@@ -135,9 +135,9 @@ spec:
|
||||
value: {{ include "kong.postgresql.user" . }}
|
||||
{{- end }}
|
||||
{{- if (eq .Values.database "cassandra") }}
|
||||
{{- if .Values.cassandra.usePasswordFile }}
|
||||
{{- if .Values.usePasswordFiles }}
|
||||
- name: KONG_CASSANDRA_PASSWORD_FILE
|
||||
value: {{ printf "/bitnami/kong/secrets/%s" (include "kong.cassandra.databaseSecretKey" .) }}
|
||||
value: {{ printf "/opt/bitnami/kong/secrets/%s" (include "kong.cassandra.databaseSecretKey" .) }}
|
||||
{{- else }}
|
||||
- name: KONG_CASSANDRA_PASSWORD
|
||||
valueFrom:
|
||||
@@ -246,6 +246,10 @@ spec:
|
||||
subPath: app-server-dir
|
||||
- name: health
|
||||
mountPath: /health
|
||||
{{- if and .Values.usePasswordFiles (or (eq .Values.database "cassandra") (eq .Values.database "postgresql")) }}
|
||||
- name: kong-secrets
|
||||
mountPath: /opt/bitnami/kong/secrets
|
||||
{{- end -}}
|
||||
{{- if .Values.metrics.enabled }}
|
||||
- name: metrics-init-scripts
|
||||
mountPath: /docker-entrypoint-initdb.d/metrics-init
|
||||
@@ -377,6 +381,15 @@ spec:
|
||||
configMap:
|
||||
name: {{ template "common.names.fullname" . }}-scripts
|
||||
defaultMode: 0755
|
||||
{{- if and .Values.usePasswordFiles (or (eq .Values.database "cassandra") (eq .Values.database "postgresql")) }}
|
||||
- name: kong-secrets
|
||||
secret:
|
||||
{{- if (eq .Values.database "cassandra") }}
|
||||
secretName: {{ include "kong.cassandra.secretName" . }}
|
||||
{{- else if (eq .Values.database "postgresql") }}
|
||||
secretName: {{ include "kong.postgresql.secretName" . }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
{{- if .Values.metrics.enabled }}
|
||||
- name: metrics-init-scripts
|
||||
configMap:
|
||||
@@ -395,7 +408,7 @@ spec:
|
||||
{{- if .Values.kong.initScriptsSecret }}
|
||||
- name: custom-init-scripts-secret
|
||||
secret:
|
||||
name: {{ include "common.tplvalues.render" (dict "value" .Values.kong.initScriptsSecret "context" $) }}
|
||||
secretName: {{ include "common.tplvalues.render" (dict "value" .Values.kong.initScriptsSecret "context" $) }}
|
||||
defaultMode: 0755
|
||||
{{- end }}
|
||||
{{- if (include "kong.declarativeConfigMap" .) }}
|
||||
|
||||
@@ -59,9 +59,9 @@ spec:
|
||||
- name: KONG_DATABASE
|
||||
value: {{ include "kong.database" . | quote }}
|
||||
{{- if (eq .Values.database "postgresql") }}
|
||||
{{- if .Values.postgresql.auth.usePasswordFiles }}
|
||||
- name: KONG_POSTGRESQL_PASSWORD_FILE
|
||||
value: {{ printf "/bitnami/kong/secrets/%s" (include "kong.postgresql.databaseSecretKey" .) }}
|
||||
{{- if .Values.usePasswordFiles }}
|
||||
- name: KONG_PG_PASSWORD_FILE
|
||||
value: {{ printf "/opt/bitnami/kong/secrets/%s" (include "kong.postgresql.databaseSecretKey" .) }}
|
||||
{{- else }}
|
||||
- name: KONG_PG_PASSWORD
|
||||
valueFrom:
|
||||
@@ -77,9 +77,9 @@ spec:
|
||||
value: {{ include "kong.postgresql.user" . }}
|
||||
{{- end }}
|
||||
{{- if (eq .Values.database "cassandra") }}
|
||||
{{- if .Values.cassandra.usePasswordFile }}
|
||||
{{- if .Values.usePasswordFiles }}
|
||||
- name: KONG_CASSANDRA_PASSWORD_FILE
|
||||
value: {{ printf "/bitnami/kong/secrets/%s" (include "kong.cassandra.databaseSecretKey" .) }}
|
||||
value: {{ printf "/opt/bitnami/kong/secrets/%s" (include "kong.cassandra.databaseSecretKey" .) }}
|
||||
{{- else }}
|
||||
- name: KONG_CASSANDRA_PASSWORD
|
||||
valueFrom:
|
||||
@@ -115,6 +115,10 @@ spec:
|
||||
- name: empty-dir
|
||||
mountPath: /opt/bitnami/kong/server
|
||||
subPath: app-server-dir
|
||||
{{- if and .Values.usePasswordFiles (or (eq .Values.database "cassandra") (eq .Values.database "postgresql")) }}
|
||||
- name: kong-secrets
|
||||
mountPath: /opt/bitnami/kong/secrets
|
||||
{{- end -}}
|
||||
{{- if .Values.migration.extraVolumeMounts }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.migration.extraVolumeMounts "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
@@ -126,6 +130,15 @@ spec:
|
||||
volumes:
|
||||
- name: empty-dir
|
||||
emptyDir: {}
|
||||
{{- if and .Values.usePasswordFiles (or (eq .Values.database "cassandra") (eq .Values.database "postgresql")) }}
|
||||
- name: kong-secrets
|
||||
secret:
|
||||
{{- if (eq .Values.database "cassandra") }}
|
||||
secretName: {{ include "kong.cassandra.secretName" . }}
|
||||
{{- else if (eq .Values.database "postgresql") }}
|
||||
secretName: {{ include "kong.postgresql.secretName" . }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
{{- if .Values.extraVolumes }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
|
||||
@@ -61,6 +61,9 @@ clusterDomain: cluster.local
|
||||
## @param extraDeploy Array of extra objects to deploy with the release (evaluated as a template).
|
||||
##
|
||||
extraDeploy: []
|
||||
## @param usePasswordFiles Mount credentials as files instead of using environment variables
|
||||
##
|
||||
usePasswordFiles: true
|
||||
## Enable diagnostic mode in the daemonset/deployment
|
||||
##
|
||||
diagnosticMode:
|
||||
@@ -897,7 +900,6 @@ migration:
|
||||
## @param postgresql.auth.password Password for the custom user to create
|
||||
## @param postgresql.auth.database Name for a custom database to create
|
||||
## @param postgresql.auth.existingSecret Name of existing secret to use for PostgreSQL credentials
|
||||
## @param postgresql.auth.usePasswordFiles Mount credentials as a files instead of using an environment variable
|
||||
## @param postgresql.architecture PostgreSQL architecture (`standalone` or `replication`)
|
||||
##
|
||||
postgresql:
|
||||
@@ -908,7 +910,6 @@ postgresql:
|
||||
database: kong
|
||||
postgresPassword: ""
|
||||
existingSecret: ""
|
||||
usePasswordFiles: false
|
||||
architecture: standalone
|
||||
primary:
|
||||
## PostgreSQL Primary resource requests and limits
|
||||
@@ -955,7 +956,6 @@ postgresql:
|
||||
## @param cassandra.dbUser.user Cassandra admin user
|
||||
## @param cassandra.dbUser.password Password for `cassandra.dbUser.user`. Randomly generated if empty
|
||||
## @param cassandra.dbUser.existingSecret Name of existing secret to use for Cassandra credentials
|
||||
## @param cassandra.usePasswordFile Mount credentials as a files instead of using an environment variable
|
||||
## @param cassandra.replicaCount Number of Cassandra replicas
|
||||
##
|
||||
cassandra:
|
||||
@@ -964,7 +964,6 @@ cassandra:
|
||||
user: kong
|
||||
password: ""
|
||||
existingSecret: ""
|
||||
usePasswordFile: false
|
||||
replicaCount: 1
|
||||
## External Cassandra configuration
|
||||
## All of these values are only used when cassandra.enabled is set to false
|
||||
|
||||
Reference in New Issue
Block a user