From ff36bec72d32078fe6d8f48b47e129c06272071a Mon Sep 17 00:00:00 2001
From: Eduardo Trujillo <ed@chromabits.com>
Date: Mon, 18 Jan 2021 00:33:12 -0800
Subject: [PATCH] feat(chart): Add support for storing config in secrets

---
 contrib/charts/espresso/templates/deployment.yaml | 14 +++++++++++++-
 contrib/charts/espresso/templates/secret.yaml     | 10 ++++++++++
 contrib/charts/espresso/values.yaml               |  5 +++++
 3 files changed, 28 insertions(+), 1 deletion(-)
 create mode 100644 contrib/charts/espresso/templates/secret.yaml

diff --git a/contrib/charts/espresso/templates/deployment.yaml b/contrib/charts/espresso/templates/deployment.yaml
index 7a9500f..96cea55 100644
--- a/contrib/charts/espresso/templates/deployment.yaml
+++ b/contrib/charts/espresso/templates/deployment.yaml
@@ -1,7 +1,8 @@
+{{- $fullName := include "chart.fullname" . -}}
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: {{ include "chart.fullname" . }}
+  name: {{ $fullName }}
   labels:
     {{- include "chart.labels" . | nindent 4 }}
 spec:
@@ -33,8 +34,19 @@ spec:
             {{- toYaml .Values.securityContext | nindent 12 }}
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
+          command: ['/usr/bin/espresso']
           args:
             - serve
+          env:
+          {{- if .Values.secretEnvVars }}
+          {{- range $index, $value := .Values.secretEnvVars }}
+            - name: {{ $index }}
+              valueFrom:
+                secretKeyRef:
+                  name: {{ $fullName }}
+                  key: {{ $index }}
+          {{- end }}
+          {{- end }}
           ports:
             - name: http
               containerPort: 80
diff --git a/contrib/charts/espresso/templates/secret.yaml b/contrib/charts/espresso/templates/secret.yaml
new file mode 100644
index 0000000..6b07de2
--- /dev/null
+++ b/contrib/charts/espresso/templates/secret.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "chart.fullname" . }}
+  labels:
+    {{- include "chart.labels" . | nindent 4 }}
+data:
+{{- range $index, $value := .Values.secretEnvVars }}
+  {{ $index }}: {{ $value | b64enc }}
+{{- end }}
diff --git a/contrib/charts/espresso/values.yaml b/contrib/charts/espresso/values.yaml
index fbdaba5..e8dd2db 100644
--- a/contrib/charts/espresso/values.yaml
+++ b/contrib/charts/espresso/values.yaml
@@ -26,6 +26,11 @@ config: |
   [unbundler]
   poll_seconds = 10
 
+# Specify additional environment variables to be passed to the Espresso server,
+# stored as a Kubernetes secret.
+secretEnvVars: {}
+# ESPRESSO_BUNDLE: '{access_key = "XXXX", secret_key = "XXXX"}'
+
 serviceAccount:
   # Specifies whether a service account should be created
   create: true
-- 
GitLab