redmine: added secrets manifest for sensitive variables.

A secret volume named `redmine` is created to store password variables.

_docs/redmine/README.md

@@ -179,11 +179,7 @@ $ helmc edit redmine
 
 *or directly edit `~/.helmc/workspace/charts/redmine/tpl/values.toml` in your favourite text editor*
 
-In the default configuration the database user is set to `root` without a password and the Redmine administrator username and password credentials are `user` and `bitnami` respectively.
-
-> **Important:**
->
-> If the database credentials were changed in the MariaDB Chart, please update the database credentials in the Redmine Chart accordingly or the deployment will fail for obvious reasons.
+In the default configuration the Redmine administrator username and password credentials are `user` and `bitnami` respectively.
 
 To configure Redmine data persistence refer to the [Redmine persistence](#redmine-persistence) section.
 

redmine/Chart.yaml

@@ -2,12 +2,12 @@ name: redmine
 home: http://www.redmine.org/
 source:
 - https://github.com/bitnami/bitnami-docker-redmine
-version: 0.1.2
+version: 0.2.1
 description: A flexible project management web application.
 maintainers:
 - Bitnami <containers@bitnami.com>
 dependencies:
 - name: mariadb
-  version: 0.2.0
+  version: 0.2.1
 details: |-
   Redmine is a flexible project management web application written using Ruby on Rails framework.

redmine/README.md

@@ -26,16 +26,12 @@ To edit the default Redmine configuration, run
 $ helmc edit redmine
 ```
 
-Here you can update the MariaDB root password, Redmine admin username, password, email address, language and SMTP settings in `tpl/values.toml`. When not specified, the default values are used.
+Here you can update the Redmine admin username, password, email address, language and SMTP settings in `tpl/values.toml`. When not specified, the default values are used.
 
 Refer to the [Environment variables](https://github.com/bitnami/bitnami-docker-redmine/#environment-variables) section of the [Bitnami Redmine](https://github.com/bitnami/bitnami-docker-redmine) image for the default values.
 
 The values of `redmineUser` and `redminePassword` are the login credentials when you [access the Redmine instance](#access-your-redmine-application).
 
-> Note:
->
-> If you had updated the MariaDB root password for the MariaDB deployment, then ensure you set the same password for the `mariadbRootPassword` field in the Redmine Chart.
-
 Finally, generate the chart to apply your changes to the configuration.
 
 ```bash

redmine/manifests/redmine-rc.yaml

@@ -30,11 +30,17 @@ spec:
         - name: MARIADB_PORT
           value: "3306"
         - name: MARIADB_PASSWORD
-          value: ""
+          valueFrom:
+            secretKeyRef:
+              name: mariadb
+              key: mariadb-root-password
         - name: REDMINE_USERNAME
           value: "user"
         - name: REDMINE_PASSWORD
-          value: "bitnami"
+          valueFrom:
+            secretKeyRef:
+              name: redmine
+              key: redmine-password
         - name: REDMINE_EMAIL
           value: "user@example.com"
         - name: REDMINE_LANG
@@ -46,7 +52,10 @@ spec:
         - name: SMTP_USER
           value: ""
         - name: SMTP_PASSWORD
-          value: ""
+          valueFrom:
+            secretKeyRef:
+              name: redmine
+              key: smtp-password
         - name: SMTP_TLS
           value: ""
         ports:

redmine/manifests/redmine-secrets.yaml

@@ -0,0 +1,12 @@
+#helm:generate helmc tpl -d tpl/values.toml -o manifests/redmine-secrets.yaml $HELM_GENERATE_FILE
+apiVersion: v1
+kind: Secret
+metadata:
+  name: redmine
+  labels:
+    provider: redmine
+    heritage: bitnami
+type: Opaque
+data:
+  redmine-password: "Yml0bmFtaQ=="
+  smtp-password: ""

redmine/tpl/redmine-rc.yaml

@@ -30,11 +30,17 @@ spec:
         - name: MARIADB_PORT
           value: "3306"
         - name: MARIADB_PASSWORD
-          value: {{ .mariadbRootPassword | quote }}
+          valueFrom:
+            secretKeyRef:
+              name: mariadb
+              key: mariadb-root-password
         - name: REDMINE_USERNAME
           value: {{ .redmineUser | quote }}
         - name: REDMINE_PASSWORD
-          value: {{ .redminePassword | quote }}
+          valueFrom:
+            secretKeyRef:
+              name: redmine
+              key: redmine-password
         - name: REDMINE_EMAIL
           value: {{ .redmineEmail | quote }}
         - name: REDMINE_LANG
@@ -46,7 +52,10 @@ spec:
         - name: SMTP_USER
           value: {{ .smtpUser | quote }}
         - name: SMTP_PASSWORD
-          value: {{ .smtpPassword | quote }}
+          valueFrom:
+            secretKeyRef:
+              name: redmine
+              key: smtp-password
         - name: SMTP_TLS
           value: {{ .smtpTls | quote }}
         ports:

redmine/tpl/redmine-secrets.yaml

@@ -0,0 +1,12 @@
+#helm:generate helmc tpl -d tpl/values.toml -o manifests/redmine-secrets.yaml $HELM_GENERATE_FILE
+apiVersion: v1
+kind: Secret
+metadata:
+  name: redmine
+  labels:
+    provider: redmine
+    heritage: bitnami
+type: Opaque
+data:
+  redmine-password: {{ .redminePassword | b64enc | quote }}
+  smtp-password: {{ .smtpPassword | b64enc | quote }}

redmine/tpl/values.toml

@@ -1,4 +1,3 @@
-mariadbRootPassword = ""
 redmineUser = "user"
 redminePassword = "bitnami"
 redmineEmail = "user@example.com"