Fix script permissions
All checks were successful
Publish Helm Chart / publish (push) Successful in 25s
All checks were successful
Publish Helm Chart / publish (push) Successful in 25s
This commit is contained in:
olof.pettersson
@ -2,7 +2,7 @@ apiVersion: v2
|
|||||||
name: solidtime
|
name: solidtime
|
||||||
description: A Helm chart for Solidtime Time Tracker
|
description: A Helm chart for Solidtime Time Tracker
|
||||||
type: application
|
type: application
|
||||||
version: 0.1.2
|
version: 0.1.3
|
||||||
appVersion: "1.0.0"
|
appVersion: "1.0.0"
|
||||||
dependencies:
|
dependencies:
|
||||||
- name: postgresql
|
- name: postgresql
|
||||||
|
|||||||
@ -65,4 +65,8 @@ spec:
|
|||||||
name: {{ .Values.secret.existingSecret | default (printf "%s-secret" (include "solidtime.fullname" .)) }}
|
name: {{ .Values.secret.existingSecret | default (printf "%s-secret" (include "solidtime.fullname" .)) }}
|
||||||
key: DB_PASSWORD
|
key: DB_PASSWORD
|
||||||
- name: LOG_LEVEL
|
- name: LOG_LEVEL
|
||||||
value: {{ .Values.config.logLevel | default "error" | quote }}
|
value: {{ .Values.config.logLevel | default "error" | quote }}
|
||||||
|
- name: LOG_CHANNEL
|
||||||
|
value: {{ .Values.config.logChannel | default "stderr" | quote }}
|
||||||
|
- name: LOG_DEPRECATIONS_CHANNEL
|
||||||
|
value: {{ .Values.config.logDeprecationsChannel | default "null" | quote }}
|
||||||
@ -19,24 +19,23 @@ spec:
|
|||||||
- |
|
- |
|
||||||
SECRET_NAME="solidtime-app-secrets"
|
SECRET_NAME="solidtime-app-secrets"
|
||||||
|
|
||||||
# 1. Check if secret exists
|
# 1. Check if secret already exists
|
||||||
if kubectl get secret $SECRET_NAME; then
|
if kubectl get secret $SECRET_NAME; then
|
||||||
echo "Keys already exist. Skipping generation."
|
echo "Keys already exist. Skipping generation."
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo "Generating keys..."
|
echo "Generating keys in /tmp..."
|
||||||
|
|
||||||
# Generate Passport Keys
|
# 2. Generate Keys into /tmp (which is writable)
|
||||||
openssl genrsa -out private.key 4096
|
openssl genrsa -out /tmp/private.key 4096
|
||||||
openssl rsa -in private.key -pubout -out public.key
|
openssl rsa -in /tmp/private.key -pubout -out /tmp/public.key
|
||||||
|
|
||||||
# Generate App Key (base64 encoded random 32 chars)
|
# Generate App Key
|
||||||
APP_KEY="base64:$(openssl rand -base64 32)"
|
APP_KEY="base64:$(openssl rand -base64 32)"
|
||||||
|
|
||||||
# 2. Create Secret with ALL keys
|
# 3. Create Secret reading from /tmp
|
||||||
# We use --from-file for RSA keys to preserve newlines correctly
|
|
||||||
kubectl create secret generic $SECRET_NAME \
|
kubectl create secret generic $SECRET_NAME \
|
||||||
--from-literal=APP_KEY="$APP_KEY" \
|
--from-literal=APP_KEY="$APP_KEY" \
|
||||||
--from-file=PASSPORT_PRIVATE_KEY=private.key \
|
--from-file=PASSPORT_PRIVATE_KEY=/tmp/private.key \
|
||||||
--from-file=PASSPORT_PUBLIC_KEY=public.key
|
--from-file=PASSPORT_PUBLIC_KEY=/tmp/public.key
|
||||||
@ -26,6 +26,8 @@ env:
|
|||||||
config:
|
config:
|
||||||
# Valid Laravel log levels: debug, info, notice, warning, error, critical, alert, emergency
|
# Valid Laravel log levels: debug, info, notice, warning, error, critical, alert, emergency
|
||||||
logLevel: "error"
|
logLevel: "error"
|
||||||
|
logChannel: "stderr"
|
||||||
|
logDeprecationsChannel: null
|
||||||
|
|
||||||
# Secret Management
|
# Secret Management
|
||||||
secret:
|
secret:
|
||||||
|
|||||||
Reference in New Issue
Block a user