Remove token support. Remove datadirsync-secrets and reuse datadir gi…
…t info
jemacchi committed Feb 5, 2025
1 parent 365a00d commit a39fbbf
Showing 3 changed files with 15 additions and 46 deletions.
42 changes: 15 additions & 27 deletions templates/datadirsync/datadirsync-deployment.yaml
Expand Up @@ -19,30 +19,32 @@ spec:
spec:
serviceAccountName: {{ include "georchestra.fullname" . }}-datadirsync-serviceaccount
initContainers:
{{- if .Values.georchestra.datadir.git.ssh_secret }}
- name: init-permissions
image: busybox
command:
- sh
- -c
- |
echo "Setting up SSH key..."
if cp /tmp-ssh/id_rsa /tmp/git-rollout-operator/id_rsa; then
if cp /tmp-ssh/id_rsa /tmp/git-rollout-agent/id_rsa; then
echo "SSH key copied successfully"
else
echo "Copy failed"
fi
if chown 1001:1001 /tmp/git-rollout-operator/id_rsa && chmod 600 /tmp/git-rollout-operator/id_rsa; then
if chown 1001:1001 /tmp/git-rollout-agent/id_rsa && chmod 600 /tmp/git-rollout-agent/id_rsa; then
echo "SSH key permissions and ownership set successfully"
else
echo "Failed to set permissions or ownership"
fi
volumeMounts:
- name: ssh-key-volume
mountPath: /tmp-ssh
- name: git-rollout-operator-volume
mountPath: /tmp/git-rollout-operator
- name: git-rollout-agent-volume
mountPath: /tmp/git-rollout-agent
{{- end }}
containers:
- name: operator
- name: agent
image: {{ $webapp.image }}
env:
- name: GIT_REPO_URL
Expand All @@ -62,35 +64,21 @@ spec:
{{- join ", " $deployments }}
- name: ROLLOUT_NAMESPACE
value: "{{ .Release.Namespace }}"
{{- if and .Values.georchestra.datadir.git.username .Values.georchestra.datadir.git.token }}
- name: GIT_USERNAME
valueFrom:
secretKeyRef:
name: "{{ $webapp.gitCredentials.secretName }}"
key: "{{ $webapp.gitCredentials.usernameKey }}"
- name: GIT_TOKEN
valueFrom:
secretKeyRef:
name: "{{ $webapp.gitCredentials.secretName }}"
key: "{{ $webapp.gitCredentials.tokenKey }}"
{{- end }}
{{- if .Values.georchestra.datadir.git.ssh_secret }}
{{- if .Values.georchestra.datadir.git.ssh_secret }}
- name: GIT_SSH_COMMAND
value: ssh -i /tmp/git-rollout-operator/id_rsa -o "IdentitiesOnly=yes" -o "StrictHostKeyChecking=no"
value: ssh -i /tmp/git-rollout-agent/id_rsa -o "IdentitiesOnly=yes" -o "StrictHostKeyChecking=no"
volumeMounts:
- name: ssh-key-volume
mountPath: /tmp-ssh/id_rsa
subPath: id_rsa
- name: git-rollout-operator-volume
mountPath: /tmp/git-rollout-operator
{{- end }}
- name: git-rollout-agent-volume
mountPath: /tmp/git-rollout-agent
volumes:
# It's assumed that a subpath id_rsa is in the secret (with the content of the file)
- name: ssh-key-volume
secret:
secretName: {{ include "georchestra.fullname" . }}-{{ $webapp.gitCredentials.secretSuffixName }}
items:
- key: {{ $webapp.gitCredentials.sshKey }}
path: id_rsa
- name: git-rollout-operator-volume
secretName: {{ .Values.georchestra.datadir.git.ssh_secret }}
- name: git-rollout-agent-volume
emptyDir: {}
{{- end }}
{{- end }}
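Review bot: Host-key verification is still disabled in the new `GIT_SSH_COMMAND` value (`-o "StrictHostKeyChecking=no"`), and since this commit removes token authentication, SSH is now the only authenticated way the agent fetches the datadir. With that option the agent accepts whatever host key it is presented, so the private key only proves the client's identity; nothing checks that the server is the expected one before its content is rolled out to the listed deployments. I would ship a `known_hosts` entry alongside `id_rsa` in the referenced secret, copy it in the init container, and change the options to `-o "StrictHostKeyChecking=yes" -o "UserKnownHostsFile=/tmp/git-rollout-agent/known_hosts"` (the file name is a suggestion; the secret layout is not visible here). Separately, the init script only echoes `Copy failed` and `Failed to set permissions or ownership`; adding `exit 1` in both `else` branches would stop the pod from starting without a usable key.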
12 changes: 0 additions & 12 deletions templates/datadirsync/datadirsync-secrets.yaml

This file was deleted.

7 changes: 0 additions & 7 deletions values.yaml
Expand Up @@ -214,8 +214,6 @@ georchestra:
url: https://github.com/georchestra/datadir.git
ref: docker-master
# ssh_secret: my-private-ssh-key
# username: my-git-username
# token: my-git-token
# Some cloud providers automatically create & assign PVs to PVCs
# some other need to create a PV first ; if so, then you can
# uncomment the `pv_name` entries below.
Expand Down Expand Up @@ -271,11 +269,6 @@ georchestra:
pollInterval: 10
deploymentSuffixNameList:
- geoserver
gitCredentials:
secretSuffixName: datadirsync-credentials
usernameKey: username
tokenKey: token
sshKey: ssh

fqdn: "georchestra-127-0-1-1.traefik.me"

