From 6be1fdb73f1d3a93350a2f4bf35d12fc949c903d Mon Sep 17 00:00:00 2001 From: Alexandre Chapellon Date: Tue, 26 Sep 2023 13:05:31 +0200 Subject: [PATCH 1/3] add propertification of secret vars --- charts/alfresco-repository/README.md | 2 +- .../alfresco-repository/templates/configmap-repository.yaml | 6 ++++++ charts/alfresco-repository/values.yaml | 4 +++- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/charts/alfresco-repository/README.md b/charts/alfresco-repository/README.md index 8b45fb2c..7d8eee6d 100644 --- a/charts/alfresco-repository/README.md +++ b/charts/alfresco-repository/README.md @@ -117,7 +117,7 @@ environment: | configuration.messageBroker.url | string | `nil` | Message Broker URL | | configuration.messageBroker.username | string | `nil` | Username to authenticate to the message broker | | configuration.repository.existingConfigMap | string | `nil` | a configmap containing the "alfresco-global.properties" key populated with actual Alfresco repository properties | -| configuration.repository.existingSecrets | list | `[{"key":"license.lic","name":"repository-secrets","purpose":"acs-license"}]` | A list of secrets to make available to the repository as env vars. This list can contain special secrets marked with predifined `purpose`: `acs-license` to pass license as a secret or subsystems:*:* to configure an Alfresco subsystem. See [Configuring Alfresco Subsystem](./docs/subsystems.md) for more details. | +| configuration.repository.existingSecrets | list | `[{"key":"license.lic","name":"repository-secrets","purpose":"acs-license"}]` | A list of secrets to make available to the repository as env vars. If the secrets neds to be used by the repo as a property on can use the following purpose syntax: 'property:name.of.the.prop' This list can contain special secrets marked with predifined `purpose`: `acs-license` to pass license as a secret or subsystems:*:* to configure an Alfresco subsystem. See [Configuring Alfresco Subsystem](./docs/subsystems.mq) for more details. | | configuration.search.existingConfigMap.keys.flavor | string | `"SEARCH_FLAVOR"` | configmap key where to find the search engine used | | configuration.search.existingConfigMap.keys.host | string | `"SEARCH_HOST"` | configmap key where to find the hostname part of the search URL. The configmap may leverage the alfresco-repository.solr.cm named template to auto-generate it from the sole url parameter. | | configuration.search.existingConfigMap.keys.port | string | `"SEARCH_PORT"` | configmap key where to find the port part of the search URL. The configmap may leverage the alfresco-repository.solr.cm named template to auto-generate it from the sole url parameter. | diff --git a/charts/alfresco-repository/templates/configmap-repository.yaml b/charts/alfresco-repository/templates/configmap-repository.yaml index d43fa024..ed46bfaa 100644 --- a/charts/alfresco-repository/templates/configmap-repository.yaml +++ b/charts/alfresco-repository/templates/configmap-repository.yaml @@ -27,6 +27,12 @@ data: -Dmessaging.broker.password="$BROKER_PASSWORD" -Dindex.subsystem.name="$SEARCH_FLAVOR" {{- include "alfresco-repository.search.config" $ | indent 2 }} + {{- range .repository.existingSecrets }} + {{- if and .key (hasPrefix "property:" .purpose) }} + {{- $property := trimPrefix "property:" .purpose }} + {{- printf "-D%s=\"$%s\"" $property .key | nindent 4 }} + {{- end }} + {{- end }} {{- end }} {{ .Values.environment.CATALINA_OPTS | default "" }} JAVA_OPTS: >- diff --git a/charts/alfresco-repository/values.yaml b/charts/alfresco-repository/values.yaml index c74134fe..79396c35 100644 --- a/charts/alfresco-repository/values.yaml +++ b/charts/alfresco-repository/values.yaml @@ -25,10 +25,12 @@ configuration: # with actual Alfresco repository properties existingConfigMap: null # -- A list of secrets to make available to the repository as env vars. + # If the secrets neds to be used by the repo as a property on can use the + # following purpose syntax: 'property:name.of.the.prop' # This list can contain special secrets marked with predifined `purpose`: # `acs-license` to pass license as a secret or subsystems:*:* to configure # an Alfresco subsystem. See [Configuring Alfresco - # Subsystem](./docs/subsystems.md) for more details. + # Subsystem](./docs/subsystems.mq) for more details. existingSecrets: - name: repository-secrets key: license.lic From 907db0aa2ad64a975a0c4cdd8a562f67500c87e6 Mon Sep 17 00:00:00 2001 From: Alexandre Chapellon Date: Tue, 26 Sep 2023 13:06:36 +0200 Subject: [PATCH 2/3] bump alfresco-repository chart --- charts/alfresco-repository/Chart.yaml | 2 +- charts/alfresco-repository/README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/alfresco-repository/Chart.yaml b/charts/alfresco-repository/Chart.yaml index fb8396a1..cdf4fffe 100644 --- a/charts/alfresco-repository/Chart.yaml +++ b/charts/alfresco-repository/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: alfresco-repository description: Alfresco content repository Helm chart type: application -version: 0.1.0-alpha.10 +version: 0.1.0-alpha.11 appVersion: 23.1.0-A21 dependencies: - name: alfresco-common diff --git a/charts/alfresco-repository/README.md b/charts/alfresco-repository/README.md index 7d8eee6d..73673171 100644 --- a/charts/alfresco-repository/README.md +++ b/charts/alfresco-repository/README.md @@ -1,6 +1,6 @@ # alfresco-repository -![Version: 0.1.0-alpha.10](https://img.shields.io/badge/Version-0.1.0--alpha.10-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 23.1.0-A21](https://img.shields.io/badge/AppVersion-23.1.0--A21-informational?style=flat-square) +![Version: 0.1.0-alpha.11](https://img.shields.io/badge/Version-0.1.0--alpha.11-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 23.1.0-A21](https://img.shields.io/badge/AppVersion-23.1.0--A21-informational?style=flat-square) Alfresco content repository Helm chart From 4129118a8fc4ab162f3c3a6a5e597e8b7a143d35 Mon Sep 17 00:00:00 2001 From: Alexandre Chapellon Date: Tue, 26 Sep 2023 14:35:06 +0200 Subject: [PATCH 3/3] review comments --- charts/alfresco-repository/README.md | 2 +- charts/alfresco-repository/values.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/alfresco-repository/README.md b/charts/alfresco-repository/README.md index 73673171..672d3622 100644 --- a/charts/alfresco-repository/README.md +++ b/charts/alfresco-repository/README.md @@ -117,7 +117,7 @@ environment: | configuration.messageBroker.url | string | `nil` | Message Broker URL | | configuration.messageBroker.username | string | `nil` | Username to authenticate to the message broker | | configuration.repository.existingConfigMap | string | `nil` | a configmap containing the "alfresco-global.properties" key populated with actual Alfresco repository properties | -| configuration.repository.existingSecrets | list | `[{"key":"license.lic","name":"repository-secrets","purpose":"acs-license"}]` | A list of secrets to make available to the repository as env vars. If the secrets neds to be used by the repo as a property on can use the following purpose syntax: 'property:name.of.the.prop' This list can contain special secrets marked with predifined `purpose`: `acs-license` to pass license as a secret or subsystems:*:* to configure an Alfresco subsystem. See [Configuring Alfresco Subsystem](./docs/subsystems.mq) for more details. | +| configuration.repository.existingSecrets | list | `[{"key":"license.lic","name":"repository-secrets","purpose":"acs-license"}]` | A list of secrets to make available to the repository as env vars. If the secrets needs to be used by the repo as a property on can use the following purpose syntax: 'property:name.of.the.prop' This list can contain special secrets marked with predifined `purpose`: `acs-license` to pass license as a secret or subsystems:*:* to configure an Alfresco subsystem. See [Configuring Alfresco Subsystem](./docs/subsystems.md) for more details. | | configuration.search.existingConfigMap.keys.flavor | string | `"SEARCH_FLAVOR"` | configmap key where to find the search engine used | | configuration.search.existingConfigMap.keys.host | string | `"SEARCH_HOST"` | configmap key where to find the hostname part of the search URL. The configmap may leverage the alfresco-repository.solr.cm named template to auto-generate it from the sole url parameter. | | configuration.search.existingConfigMap.keys.port | string | `"SEARCH_PORT"` | configmap key where to find the port part of the search URL. The configmap may leverage the alfresco-repository.solr.cm named template to auto-generate it from the sole url parameter. | diff --git a/charts/alfresco-repository/values.yaml b/charts/alfresco-repository/values.yaml index 79396c35..4c49ed3f 100644 --- a/charts/alfresco-repository/values.yaml +++ b/charts/alfresco-repository/values.yaml @@ -25,12 +25,12 @@ configuration: # with actual Alfresco repository properties existingConfigMap: null # -- A list of secrets to make available to the repository as env vars. - # If the secrets neds to be used by the repo as a property on can use the + # If the secrets needs to be used by the repo as a property on can use the # following purpose syntax: 'property:name.of.the.prop' # This list can contain special secrets marked with predifined `purpose`: # `acs-license` to pass license as a secret or subsystems:*:* to configure # an Alfresco subsystem. See [Configuring Alfresco - # Subsystem](./docs/subsystems.mq) for more details. + # Subsystem](./docs/subsystems.md) for more details. existingSecrets: - name: repository-secrets key: license.lic