Using Secret instead of ConfigMap to store loki config

By default loki helm chart stores the config in a ConfigMap. For backends that require credentials this is unsafe. Setting the `configStorageType` to secret will store the entire loki config in a Secret. Signed-off-by: Chris Blumentritt <[email protected]>
rackerlabs · Mar 8, 2024 · b80c725 · b80c725
1 parent 5b130b8
commit b80c725
Show file tree

Hide file tree

Showing 4 changed files with 3 additions and 0 deletions.
diff --git a/helm-configs/loki/README.md → docs/loki.md b/helm-configs/loki/README.md → docs/loki.md
diff --git a/helm-configs/loki/loki-helm-minio-overrides-example.yaml b/helm-configs/loki/loki-helm-minio-overrides-example.yaml
@@ -4,3 +4,4 @@ minio:
   enabled: true
 loki:
   auth_enabled: false
+  configStorageType: Secret
diff --git a/helm-configs/loki/loki-helm-s3-overrides-example.yaml b/helm-configs/loki/loki-helm-s3-overrides-example.yaml
@@ -4,6 +4,7 @@ minio:
   enabled: false
 loki:
   auth_enabled: false
+  configStorageType: Secret
   storage:
     bucketNames:
       chunks: < CHUNKS BUCKET NAME > # TODO: Update with relevant bucket name for chunks

diff --git a/helm-configs/loki/loki-helm-swift-overrides-example.yaml b/helm-configs/loki/loki-helm-swift-overrides-example.yaml
@@ -4,6 +4,7 @@ minio:
   enabled: false
 loki:
   auth_enabled: false
+  configStorageType: Secret
   storage:
     bucketNames:
       chunks: chunks