diff --git a/7project/charts/myapp-chart/templates/app-deployment.yaml b/7project/charts/myapp-chart/templates/app-deployment.yaml index 499c1e4..1eeb7df 100644 --- a/7project/charts/myapp-chart/templates/app-deployment.yaml +++ b/7project/charts/myapp-chart/templates/app-deployment.yaml @@ -20,7 +20,7 @@ spec: securityContext: allowPrivilegeEscalation: false capabilities: - drop: ["ALL"] + drop: [ "ALL" ] ports: - containerPort: {{ .Values.app.port }} env: @@ -53,13 +53,25 @@ spec: - name: MAIL_QUEUE value: {{ .Values.worker.mailQueueName | default "mail_queue" | quote }} - name: MOJEID_CLIENT_ID - value: {{ .Values.oauth.mojeid.clientId | quote }} + valueFrom: + secretKeyRef: + name: prod + key: MOJEID_CLIENT_ID - name: MOJEID_CLIENT_SECRET - value: {{ .Values.oauth.mojeid.clientSecret | quote }} + valueFrom: + secretKeyRef: + name: prod + key: MOJEID_CLIENT_SECRET - name: BANKID_CLIENT_ID - value: {{ .Values.oauth.bankid.clientId | quote }} + valueFrom: + secretKeyRef: + name: prod + key: BANKID_CLIENT_ID - name: BANKID_CLIENT_SECRET - value: {{ .Values.oauth.bankid.clientSecret | quote }} + valueFrom: + secretKeyRef: + name: prod + key: BANKID_CLIENT_SECRET - name: DOMAIN value: {{ required "Set .Values.domain" .Values.domain | quote }} - name: DOMAIN_SCHEME diff --git a/7project/charts/myapp-chart/templates/prod.yaml b/7project/charts/myapp-chart/templates/prod.yaml new file mode 100644 index 0000000..43147b0 --- /dev/null +++ b/7project/charts/myapp-chart/templates/prod.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: prod +type: Opaque +stringData: + MOJEID_CLIENT_ID: {{ .Values.oauth.mojeid.clientId | quote }} + MOJEID_CLIENT_SECRET: {{ .Values.oauth.mojeid.clientSecret | quote }} + BANKID_CLIENT_ID: {{ .Values.oauth.bankid.clientId | quote }} + BANKID_CLIENT_SECRET: {{ .Values.oauth.bankid.clientSecret | quote }} \ No newline at end of file