wangchunlin
/
cvat
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Helm: fix secrets for non-default release name (#5403)

Browse Source
main
Andrey Zhavoronkov 3 years ago committed by GitHub
parent 0943de9d6f
commit 6f6db4d554
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 31 additions and 30 deletions
Show Stats Download Patch File Download Diff File

2
.github/workflows/helm.yml vendored
Unescape Escape View File

@ -63,7 +63,7 @@ jobs:
cd helm-chart cd helm-chart
helm dependency update helm dependency update
cd .. cd ..
helm upgrade -n default cvat -i --create-namespace helm-chart -f helm-chart/values.yaml -f tests/values.test.yaml helm upgrade -n default release-${{ github.run_id }}-${{ github.run_attempt }} -i --create-namespace helm-chart -f helm-chart/values.yaml -f tests/values.test.yaml
- name: Update test config - name: Update test config
run: | run: |

1
CHANGELOG.md
Unescape Escape View File

@ -86,6 +86,7 @@ non-ascii paths while adding files from "Connected file share" (issue #4428)
- Fixed FBRS serverless function runtime error on images with alpha channel (<https://github.com/opencv/cvat/pull/5384>) - Fixed FBRS serverless function runtime error on images with alpha channel (<https://github.com/opencv/cvat/pull/5384>)
- Attaching manifest with custom name (<https://github.com/opencv/cvat/pull/5377>) - Attaching manifest with custom name (<https://github.com/opencv/cvat/pull/5377>)
- Uploading non-zip annotaion files (<https://github.com/opencv/cvat/pull/5386>) - Uploading non-zip annotaion files (<https://github.com/opencv/cvat/pull/5386>)
- Broken helm chart - if using custom release name (<https://github.com/opencv/cvat/pull/5403>)
- Missing source tag in project annotations (<https://github.com/opencv/cvat/pull/5408>) - Missing source tag in project annotations (<https://github.com/opencv/cvat/pull/5408>)
### Security ### Security

2
helm-chart/templates/cvat-postgres-secret.yml
Unescape Escape View File

@ -2,7 +2,7 @@
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
{{- include "cvat.labels" . | nindent 4 }} {{- include "cvat.labels" . | nindent 4 }}

2
helm-chart/templates/cvat-server-secret.yml
Unescape Escape View File

@ -2,7 +2,7 @@
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: "{{ .Release.Name }}-{{ .Values.cvat.backend.server.secret.name }}" name: "{{ tpl ( .Values.cvat.backend.server.secret.name) . }}"
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
type: generic type: generic
stringData: stringData:

8
helm-chart/templates/cvat_backend/cvat_worker_webhooks/deployment.yml
Unescape Escape View File

@ -63,22 +63,22 @@ spec:
- name: CVAT_POSTGRES_HOST - name: CVAT_POSTGRES_HOST
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
key: postgresql-hostname key: postgresql-hostname
- name: CVAT_POSTGRES_USER - name: CVAT_POSTGRES_USER
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
key: postgresql-username key: postgresql-username
- name: CVAT_POSTGRES_DBNAME - name: CVAT_POSTGRES_DBNAME
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
key: postgresql-database key: postgresql-database
- name: CVAT_POSTGRES_PASSWORD - name: CVAT_POSTGRES_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
key: postgresql-password key: postgresql-password
{{- else }} {{- else }}
- name: CVAT_POSTGRES_HOST - name: CVAT_POSTGRES_HOST

16
helm-chart/templates/cvat_backend/server/deployment.yml
Unescape Escape View File

@ -62,22 +62,22 @@ spec:
- name: SOCIAL_AUTH_GOOGLE_CLIENT_ID - name: SOCIAL_AUTH_GOOGLE_CLIENT_ID
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.cvat.backend.server.secret.name }}" name: "{{ tpl (.Values.cvat.backend.server.secret.name) . }}"
key: googleClientId key: googleClientId
- name: SOCIAL_AUTH_GOOGLE_CLIENT_SECRET - name: SOCIAL_AUTH_GOOGLE_CLIENT_SECRET
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.cvat.backend.server.secret.name }}" name: "{{ tpl (.Values.cvat.backend.server.secret.name) . }}"
key: googleClientSecret key: googleClientSecret
- name: SOCIAL_AUTH_GITHUB_CLIENT_ID - name: SOCIAL_AUTH_GITHUB_CLIENT_ID
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.cvat.backend.server.secret.name }}" name: "{{ tpl (.Values.cvat.backend.server.secret.name) . }}"
key: githubClientId key: githubClientId
- name: SOCIAL_AUTH_GITHUB_CLIENT_SECRET - name: SOCIAL_AUTH_GITHUB_CLIENT_SECRET
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.cvat.backend.server.secret.name }}" name: "{{ tpl (.Values.cvat.backend.server.secret.name) . }}"
key: googleClientSecret key: googleClientSecret
{{- end }} {{- end }}
- name: IAM_OPA_BUNDLE - name: IAM_OPA_BUNDLE
@ -93,22 +93,22 @@ spec:
- name: CVAT_POSTGRES_HOST - name: CVAT_POSTGRES_HOST
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
key: postgresql-hostname key: postgresql-hostname
- name: CVAT_POSTGRES_USER - name: CVAT_POSTGRES_USER
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
key: postgresql-username key: postgresql-username
- name: CVAT_POSTGRES_DBNAME - name: CVAT_POSTGRES_DBNAME
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
key: postgresql-database key: postgresql-database
- name: CVAT_POSTGRES_PASSWORD - name: CVAT_POSTGRES_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
key: postgresql-password key: postgresql-password
{{- else }} {{- else }}
- name: CVAT_POSTGRES_HOST - name: CVAT_POSTGRES_HOST

8
helm-chart/templates/cvat_backend/utils/deployment.yml
Unescape Escape View File

@ -64,22 +64,22 @@ spec:
- name: CVAT_POSTGRES_HOST - name: CVAT_POSTGRES_HOST
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
key: postgresql-hostname key: postgresql-hostname
- name: CVAT_POSTGRES_USER - name: CVAT_POSTGRES_USER
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
key: postgresql-username key: postgresql-username
- name: CVAT_POSTGRES_DBNAME - name: CVAT_POSTGRES_DBNAME
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
key: postgresql-database key: postgresql-database
- name: CVAT_POSTGRES_PASSWORD - name: CVAT_POSTGRES_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
key: postgresql-password key: postgresql-password
{{- else }} {{- else }}
- name: CVAT_POSTGRES_HOST - name: CVAT_POSTGRES_HOST

8
helm-chart/templates/cvat_backend/worker_default/deployment.yml
Unescape Escape View File

@ -63,22 +63,22 @@ spec:
- name: CVAT_POSTGRES_HOST - name: CVAT_POSTGRES_HOST
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
key: postgresql-hostname key: postgresql-hostname
- name: CVAT_POSTGRES_USER - name: CVAT_POSTGRES_USER
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
key: postgresql-username key: postgresql-username
- name: CVAT_POSTGRES_DBNAME - name: CVAT_POSTGRES_DBNAME
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
key: postgresql-database key: postgresql-database
- name: CVAT_POSTGRES_PASSWORD - name: CVAT_POSTGRES_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
key: postgresql-password key: postgresql-password
{{- else }} {{- else }}
- name: CVAT_POSTGRES_HOST - name: CVAT_POSTGRES_HOST

8
helm-chart/templates/cvat_backend/worker_low/deployment.yml
Unescape Escape View File

@ -63,22 +63,22 @@ spec:
- name: CVAT_POSTGRES_HOST - name: CVAT_POSTGRES_HOST
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
key: postgresql-hostname key: postgresql-hostname
- name: CVAT_POSTGRES_USER - name: CVAT_POSTGRES_USER
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
key: postgresql-username key: postgresql-username
- name: CVAT_POSTGRES_DBNAME - name: CVAT_POSTGRES_DBNAME
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
key: postgresql-database key: postgresql-database
- name: CVAT_POSTGRES_PASSWORD - name: CVAT_POSTGRES_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}" name: "{{ tpl (.Values.postgresql.secret.name) . }}"
key: postgresql-password key: postgresql-password
{{- else }} {{- else }}
- name: CVAT_POSTGRES_HOST - name: CVAT_POSTGRES_HOST

6
helm-chart/values.yaml
Unescape Escape View File

@ -22,7 +22,7 @@ cvat:
USE_ALLAUTH_SOCIAL_ACCOUNTS: false USE_ALLAUTH_SOCIAL_ACCOUNTS: false
secret: secret:
create: true create: true
name: cvat-server-secret name: "{{ .Release.Name }}-cvat-server-secret"
socialAccountAuthentication: socialAccountAuthentication:
googleClientId: "" googleClientId: ""
googleClientSecret: "" googleClientSecret: ""
@ -191,10 +191,10 @@ postgresql:
# If not external following config will be applied by default # If not external following config will be applied by default
global: global:
postgresql: postgresql:
existingSecret: cvat-postgres-secret existingSecret: "{{ .Release.Name }}-postgres-secret"
secret: secret:
create: true create: true
name: postgres-secret name: "{{ .Release.Name }}-postgres-secret"
password: cvat_postgresql password: cvat_postgresql
postgres_password: cvat_postgresql_postgres postgres_password: cvat_postgresql_postgres
replication_password: cvat_postgresql_replica replication_password: cvat_postgresql_replica

Write Preview
Loading…
Cancel
Save