From fcc1fc1bf9c7e97dd5d4c21ecbc13dd729a56292 Mon Sep 17 00:00:00 2001 From: Miguel Ruiz Date: Fri, 14 Mar 2025 08:22:21 +0100 Subject: [PATCH] [bitnami/grafana] Set `usePasswordFiles=true` by default (#32348) * [bitnami/grafana] Set `usePasswordFiles=true` by default Signed-off-by: Miguel Ruiz * Update CHANGELOG.md Signed-off-by: Bitnami Containers * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers * Bump chart version Signed-off-by: Miguel Ruiz * Update CHANGELOG.md Signed-off-by: Bitnami Containers * Update CHANGELOG.md Signed-off-by: Bitnami Containers --------- Signed-off-by: Miguel Ruiz Signed-off-by: Bitnami Containers Co-authored-by: Bitnami Containers --- bitnami/grafana/CHANGELOG.md | 9 ++++++-- bitnami/grafana/Chart.yaml | 2 +- bitnami/grafana/README.md | 1 + bitnami/grafana/templates/deployment.yaml | 27 +++++++++++++++++++++++ bitnami/grafana/values.yaml | 3 +++ 5 files changed, 39 insertions(+), 3 deletions(-) diff --git a/bitnami/grafana/CHANGELOG.md b/bitnami/grafana/CHANGELOG.md index 4a4a47c069..85b6a849cb 100644 --- a/bitnami/grafana/CHANGELOG.md +++ b/bitnami/grafana/CHANGELOG.md @@ -1,8 +1,13 @@ # Changelog -## 11.5.1 (2025-03-13) +## 11.6.0 (2025-03-13) -* [bitnami/grafana] Release 11.5.1 ([#32437](https://github.com/bitnami/charts/pull/32437)) +* [bitnami/grafana] Set `usePasswordFiles=true` by default ([#32348](https://github.com/bitnami/charts/pull/32348)) + +## 11.5.1 (2025-03-13) + +* [bitnami/*] Add tanzuCategory annotation (#32409) ([a8fba5c](https://github.com/bitnami/charts/commit/a8fba5cb01f6f4464ca7f69c50b0fbe97d837a95)), closes [#32409](https://github.com/bitnami/charts/issues/32409) +* [bitnami/grafana] Release 11.5.1 (#32437) ([602e678](https://github.com/bitnami/charts/commit/602e678b446cac381a72500fafbcd4c640acfb1c)), closes [#32437](https://github.com/bitnami/charts/issues/32437) ## 11.5.0 (2025-03-12) diff --git a/bitnami/grafana/Chart.yaml b/bitnami/grafana/Chart.yaml index d6977e90b3..936163a49a 100644 --- a/bitnami/grafana/Chart.yaml +++ b/bitnami/grafana/Chart.yaml @@ -32,4 +32,4 @@ maintainers: name: grafana sources: - https://github.com/bitnami/charts/tree/main/bitnami/grafana -version: 11.5.1 +version: 11.6.0 diff --git a/bitnami/grafana/README.md b/bitnami/grafana/README.md index 8bfd453803..5c0c5dea20 100644 --- a/bitnami/grafana/README.md +++ b/bitnami/grafana/README.md @@ -413,6 +413,7 @@ See the [Parameters](#parameters) section to configure the PVC or to disable per | `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` | | `commonLabels` | Labels to add to all deployed objects | `{}` | | `commonAnnotations` | Annotations to add to all deployed objects | `{}` | +| `usePasswordFiles` | Mount credentials as files instead of using environment variables | `true` | ### Grafana parameters diff --git a/bitnami/grafana/templates/deployment.yaml b/bitnami/grafana/templates/deployment.yaml index 020361e591..1ce7bbf109 100644 --- a/bitnami/grafana/templates/deployment.yaml +++ b/bitnami/grafana/templates/deployment.yaml @@ -137,11 +137,16 @@ spec: optional: {{ include "common.tplvalues.render" (dict "value" .Values.grafana.extraEnvVarsSecretOptional "context" $) }} {{- end }} env: + {{- if .Values.usePasswordFiles }} + - name: GF_SECURITY_ADMIN_PASSWORD_FILE + value: {{ printf "/opt/bitnami/grafana/secrets/%s" (include "grafana.adminSecretPasswordKey" .) }} + {{- else }} - name: GF_SECURITY_ADMIN_PASSWORD valueFrom: secretKeyRef: name: {{ include "grafana.adminSecretName" . }} key: {{ include "grafana.adminSecretPasswordKey" . }} + {{- end }} {{- if .Values.smtp.enabled }} - name: GF_SMTP_ENABLED value: "true" @@ -161,6 +166,12 @@ spec: - name: GF_SMTP_SKIP_VERIFY value: "{{ .Values.smtp.skipVerify }}" {{- end }} + {{- if .Values.usePasswordFiles }} + - name: GF_SMTP_USER_FILE + value: {{ printf "/opt/bitnami/grafana/secrets/%s" (include "grafana.smtpSecretUserKey" .) }} + - name: GF_SMTP_PASSWORD_FILE + value: {{ printf "/opt/bitnami/grafana/secrets/%s" (include "grafana.smtpSecretPasswordKey" .) }} + {{- else }} - name: GF_SMTP_USER valueFrom: secretKeyRef: @@ -172,6 +183,7 @@ spec: name: {{ include "grafana.smtpSecretName" . }} key: {{ include "grafana.smtpSecretPasswordKey" . }} {{- end }} + {{- end }} {{- if .Values.grafana.extraEnvVars }} {{- include "common.tplvalues.render" (dict "value" .Values.grafana.extraEnvVars "context" $) | nindent 12 }} {{- end }} @@ -188,6 +200,10 @@ spec: - name: empty-dir mountPath: /bitnami/grafana subPath: app-volume-dir + {{- if and .Values.usePasswordFiles }} + - name: grafana-secrets + mountPath: /opt/bitnami/grafana/secrets + {{- end }} {{- if .Values.config.useGrafanaIniFile }} - name: grafana-ini mountPath: /opt/bitnami/grafana/conf/grafana.ini @@ -299,6 +315,17 @@ spec: volumes: - name: empty-dir emptyDir: {} + {{- if and .Values.usePasswordFiles }} + - name: grafana-secrets + projected: + sources: + - secret: + name: {{ include "grafana.adminSecretName" . }} + {{- if .Values.smtp.enabled }} + - secret: + name: {{ include "grafana.smtpSecretName" . }} + {{- end }} + {{- end }} - name: data {{- if .Values.persistence.enabled }} persistentVolumeClaim: diff --git a/bitnami/grafana/values.yaml b/bitnami/grafana/values.yaml index 1dcb195a0e..d7e198973c 100644 --- a/bitnami/grafana/values.yaml +++ b/bitnami/grafana/values.yaml @@ -57,6 +57,9 @@ commonLabels: {} ## @param commonAnnotations Annotations to add to all deployed objects ## commonAnnotations: {} +## @param usePasswordFiles Mount credentials as files instead of using environment variables +## +usePasswordFiles: true ## @section Grafana parameters ## Bitnami Grafana image version