mirror of
https://github.com/bitnami/charts.git
synced 2026-02-28 15:37:42 +08:00
[bitnami/etcd] Properly get ROOT_PASSWORD when providing an existing secret (#25574)
Signed-off-by: Jota Martos <jotamartos@vmware.com>
This commit is contained in:
@@ -32,4 +32,4 @@ maintainers:
|
||||
name: etcd
|
||||
sources:
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/etcd
|
||||
version: 10.0.4
|
||||
version: 10.0.5
|
||||
|
||||
@@ -45,7 +45,7 @@ etcd can be accessed via port {{ coalesce .Values.service.ports.client .Values.s
|
||||
|
||||
To create a pod that you can use as a etcd client run the following command:
|
||||
|
||||
kubectl run {{ template "common.names.fullname" . }}-client --restart='Never' --image {{ template "etcd.image" . }}{{- if or .Values.auth.rbac.create .Values.auth.rbac.enabled }} --env ROOT_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} -o jsonpath="{.data.etcd-root-password}" | base64 -d){{- end }} --env ETCDCTL_ENDPOINTS="{{ template "common.names.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}:{{ coalesce .Values.service.ports.client .Values.service.port }}" --namespace {{ .Release.Namespace }} --command -- sleep infinity
|
||||
kubectl run {{ template "common.names.fullname" . }}-client --restart='Never' --image {{ template "etcd.image" . }}{{- if or .Values.auth.rbac.create .Values.auth.rbac.enabled }} --env ROOT_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.auth.rbac.existingSecret }}{{ .Values.auth.rbac.existingSecret }}{{ else }}{{ template "common.names.fullname" . }}{{ end }} -o jsonpath="{{ if .Values.auth.rbac.existingSecret }}{.data.{{ .Values.auth.rbac.existingSecretPasswordKey }}}{{ else }}{.data.etcd-root-password}{{ end }}" | base64 -d){{- end }} --env ETCDCTL_ENDPOINTS="{{ template "common.names.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}:{{ coalesce .Values.service.ports.client .Values.service.port }}" --namespace {{ .Release.Namespace }} --command -- sleep infinity
|
||||
|
||||
Then, you can set/get a key using the commands below:
|
||||
|
||||
@@ -80,7 +80,7 @@ To connect to your etcd server from outside the cluster execute the following co
|
||||
|
||||
* As rbac is enabled you should add the flag `--user root:$ETCD_ROOT_PASSWORD` to the etcdctl commands. Use the command below to export the password:
|
||||
|
||||
export ETCD_ROOT_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} -o jsonpath="{.data.etcd-root-password}" | base64 -d)
|
||||
export ETCD_ROOT_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.auth.rbac.existingSecret }}{{ .Values.auth.rbac.existingSecret }}{{ else }}{{ template "common.names.fullname" . }}{{ end }} -o jsonpath="{{ if .Values.auth.rbac.existingSecret }}{.data.{{ .Values.auth.rbac.existingSecretPasswordKey }}}{{ else }}{.data.etcd-root-password}{{ end }}" | base64 -d)
|
||||
|
||||
{{- end }}
|
||||
{{- if .Values.auth.client.secureTransport }}
|
||||
|
||||
Reference in New Issue
Block a user