lunny/helm-chart
1
0
Fork 1
Code Issues 36 Pull Requests 14 Actions Packages Projects Releases 93 Wiki Activity

Cannot pass Postgres Credentials as Env #414

New Issue
Closed
opened 2023-03-16 20:56:23 +00:00 by Sapp00 · 3 comments
Sapp00 commented 2023-03-16 20:56:23 +00:00 (Migrated from gitea.com)
Copy Link

Hi,

I want to use the credentials saved in another secret within my gitea deployment. This is the standard approach, I use when passing postgres credentials to the apps.

So, if I pass the credentials as environment variables, it is not recognized in the configuration container -> gitea cannot be started.

statefulset:
  env:
    - name: GITEA__database__USER
      valueFrom:
        secretKeyRef:
          name: development.gitea-user.postgres-gitea-cluster.credentials.postgresql.acid.zalan.do
          key: username
    - name: GITEA__database__PASSWD
      valueFrom:
        secretKeyRef:
          name: development.gitea-user.postgres-gitea-cluster.credentials.postgresql.acid.zalan.do
          key: password
    - name: USER_UID
      value: "3000"
    - name: USER_GID
      value: "3000"

If I pass the credentials using the config parameter, it is being recognized.

config:
    database:
      DB_TYPE: postgres
      HOST: postgres-gitea-cluster.postgres.svc.cluster.local
      NAME: gitea
      SSL_MODE: "require"
      USER: development.gitea-user
      PASSWD: 2af239afj9adgia09ga02jadgodgggynf943oiSDdaoni
Hi, I want to use the credentials saved in another secret within my gitea deployment. This is the standard approach, I use when passing postgres credentials to the apps. So, if I pass the credentials as environment variables, it is not recognized in the configuration container -> gitea cannot be started. ``` statefulset: env: - name: GITEA__database__USER valueFrom: secretKeyRef: name: development.gitea-user.postgres-gitea-cluster.credentials.postgresql.acid.zalan.do key: username - name: GITEA__database__PASSWD valueFrom: secretKeyRef: name: development.gitea-user.postgres-gitea-cluster.credentials.postgresql.acid.zalan.do key: password - name: USER_UID value: "3000" - name: USER_GID value: "3000" ``` If I pass the credentials using the `config` parameter, it is being recognized. ``` config: database: DB_TYPE: postgres HOST: postgres-gitea-cluster.postgres.svc.cluster.local NAME: gitea SSL_MODE: "require" USER: development.gitea-user PASSWD: 2af239afj9adgia09ga02jadgodgggynf943oiSDdaoni ```
justusbunsi commented 2023-03-16 21:05:29 +00:00 (Migrated from gitea.com)
Copy Link

Try prefixing the environment with ENV_TO_INI__ instead of GITEA__.
See 9a6cb4d357/templates/gitea/config.yaml (L172)

Try prefixing the environment with `ENV_TO_INI__` instead of `GITEA__`. See https://gitea.com/gitea/helm-chart/src/commit/9a6cb4d35792d6b0fb8207f93dac4c620528d8a4/templates/gitea/config.yaml#L172
pat-s commented 2023-04-16 21:26:39 +00:00 (Migrated from gitea.com)
Copy Link

Let's assume this to be solved or stale. Re-open if needed :)

Let's assume this to be solved or stale. Re-open if needed :)
sgoudham commented 2023-05-09 17:26:01 +00:00 (Migrated from gitea.com)
Copy Link

Hiya 👋

Just wanted to chime in that I was running into the same issues as described above and I'm happy to report that https://gitea.com/gitea/helm-chart/issues/414#issuecomment-733194 worked for me! 🎉

This is my config below which allows me to use my secret postgres-password which contains a key password for the user gitea:

Edit: Chart Version: gitea-8.3.0 & Gitea Version: 1.19.3

postgresql:
  enabled: true
  global:
    postgresql:
      auth:
        database: gitea
        username: gitea
        existingSecret: postgres-password
      service:
        ports:
          postgresql: 5432
  primary:
    persistence:
      size: 10Gi

statefulset:
  env:
    - name: ENV_TO_INI__database__PASSWD
      valueFrom:
        secretKeyRef:
          name: postgres-password
          key: password
Hiya 👋 Just wanted to chime in that I was running into the same issues as described above and I'm happy to report that https://gitea.com/gitea/helm-chart/issues/414#issuecomment-733194 worked for me! 🎉 This is my config below which allows me to use my secret `postgres-password` which contains a key `password` for the user `gitea`: **Edit:** Chart Version: `gitea-8.3.0` & Gitea Version: `1.19.3` ```yaml postgresql: enabled: true global: postgresql: auth: database: gitea username: gitea existingSecret: postgres-password service: ports: postgresql: 5432 primary: persistence: size: 10Gi statefulset: env: - name: ENV_TO_INI__database__PASSWD valueFrom: secretKeyRef: name: postgres-password key: password ```
🎉 4
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
has/backport
in progress
invalid
kind/breaking
kind/bug
kind/build
kind/dependency
kind/deployment
kind/docs
kind/enhancement
kind/feature
kind/lint
kind/proposal
kind/question
kind/refactor
kind/security
kind/testing
kind/translation
kind/ui
need/backport
priority/critical
priority/low
priority/maybe
priority/medium
reviewed/duplicate
reviewed/invalid
reviewed/wontfix
skip-changelog
status/blocked
status/needs-feedback
status/needs-reviews
status/wip
upstream/gitea
upstream/other
No Label
status/needs-feedback
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
lunny
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: lunny/helm-chart#414
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?