diff --git a/charts/supabase/templates/analytics/deployment.yaml b/charts/supabase/templates/analytics/deployment.yaml index 2b4b80053c6fda6b1c8d70d0c6e878ebfa072fb4..3c4f585c2dc5e6aca3ea8053afeb615d3f54f345 100644 --- a/charts/supabase/templates/analytics/deployment.yaml +++ b/charts/supabase/templates/analytics/deployment.yaml @@ -44,10 +44,11 @@ spec: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.username | default "username" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: username + {{- end }} - name: DB_PORT value: {{ .Values.analytics.environment.DB_PORT | quote }} command: ["/bin/sh", "-c"] @@ -78,16 +79,17 @@ spec: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.password | default "password" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: password + {{- end }} - name: DB_PASSWORD_ENC valueFrom: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} - key: password + key: {{ .Values.secret.db.secretRefKey.password | default "password" }} {{- else }} name: {{ include "supabase.secret.db" . }} key: password_encoded @@ -97,19 +99,21 @@ spec: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.database | default "database" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: database + {{- end }} - name: LOGFLARE_API_KEY valueFrom: secretKeyRef: {{- if .Values.secret.analytics.secretRef }} name: {{ .Values.secret.analytics.secretRef }} + key: {{ .Values.secret.analytics.secretRefKey.apiKey | default "apiKey" }} {{- else }} name: {{ include "supabase.secret.analytics" . }} - {{- end }} key: apiKey + {{- end }} {{- if .Values.analytics.bigQuery.enabled }} - name: GOOGLE_PROJECT_ID value: {{ .Values.analytics.bigQuery.projectId | quote }} diff --git a/charts/supabase/templates/auth/deployment.yaml b/charts/supabase/templates/auth/deployment.yaml index 3fa161e50cc2a2e2a68aadead2d0739f430b517d..f3830453f8afd9d2c226bdd2eab9fac78be10df8 100644 --- a/charts/supabase/templates/auth/deployment.yaml +++ b/charts/supabase/templates/auth/deployment.yaml @@ -44,10 +44,11 @@ spec: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.username | default "username" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: username + {{- end }} - name: DB_PORT value: {{ .Values.auth.environment.DB_PORT | quote }} command: ["/bin/sh", "-c"] @@ -78,16 +79,17 @@ spec: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.password | default "password" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: password + {{- end }} - name: DB_PASSWORD_ENC valueFrom: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} - key: password + key: {{ .Values.secret.db.secretRefKey.password | default "password" }} {{- else }} name: {{ include "supabase.secret.db" . }} key: password_encoded @@ -97,10 +99,11 @@ spec: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.database | default "database" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: database + {{- end }} - name: GOTRUE_DB_DATABASE_URL value: $(DB_DRIVER)://$(DB_USER):$(DB_PASSWORD_ENC)@$(DB_HOST):$(DB_PORT)/$(DB_NAME)?search_path=auth&sslmode=$(DB_SSL) - name: GOTRUE_DB_DRIVER @@ -110,28 +113,31 @@ spec: secretKeyRef: {{- if .Values.secret.jwt.secretRef }} name: {{ .Values.secret.jwt.secretRef }} + key: {{ .Values.secret.jwt.secretRefKey.secret | default "secret" }} {{- else }} name: {{ include "supabase.secret.jwt" . }} - {{- end }} key: secret + {{- end }} - name: GOTRUE_SMTP_USER valueFrom: secretKeyRef: {{- if .Values.secret.smtp.secretRef }} name: {{ .Values.secret.smtp.secretRef }} + key: {{ .Values.secret.smtp.secretRefKey.username | default "username" }} {{- else }} name: {{ include "supabase.secret.smtp" . }} - {{- end }} key: username + {{- end }} - name: GOTRUE_SMTP_PASS valueFrom: secretKeyRef: {{- if .Values.secret.smtp.secretRef }} name: {{ .Values.secret.smtp.secretRef }} + key: {{ .Values.secret.smtp.secretRefKey.password | default "password" }} {{- else }} name: {{ include "supabase.secret.smtp" . }} - {{- end }} key: password + {{- end }} {{- with .Values.auth.livenessProbe }} livenessProbe: {{- toYaml . | nindent 12 }} diff --git a/charts/supabase/templates/db/deployment.yaml b/charts/supabase/templates/db/deployment.yaml index fb4e98815e69cad046fac6d85e5eeaf6122d2b8c..75f3c8effee3964743014fc2568a01c917480c11 100644 --- a/charts/supabase/templates/db/deployment.yaml +++ b/charts/supabase/templates/db/deployment.yaml @@ -68,46 +68,51 @@ spec: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.username | default "username" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: username + {{- end }} - name: PGPASSWORD valueFrom: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.password | default "password" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: password + {{- end }} - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.password | default "password" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: password + {{- end }} - name: PGDATABASE valueFrom: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.database | default "database" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: database + {{- end }} - name: POSTGRES_DB valueFrom: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.database | default "database" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: database + {{- end }} {{- with .Values.db.livenessProbe }} livenessProbe: {{- toYaml . | nindent 12 }} diff --git a/charts/supabase/templates/functions/deployment.yaml b/charts/supabase/templates/functions/deployment.yaml index a3c5328942d819859af4b91b15ed759d847fc283..22726897ec2c2058ff577d40f834007d99ba5c10 100644 --- a/charts/supabase/templates/functions/deployment.yaml +++ b/charts/supabase/templates/functions/deployment.yaml @@ -54,16 +54,17 @@ spec: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.password | default "password" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: password + {{- end }} - name: DB_PASSWORD_ENC valueFrom: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} - key: password + key: {{ .Values.secret.db.secretRefKey.password | default "password" }} {{- else }} name: {{ include "supabase.secret.db" . }} key: password_encoded @@ -73,37 +74,41 @@ spec: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.database | default "database" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: database + {{- end }} - name: JWT_SECRET valueFrom: secretKeyRef: {{- if .Values.secret.jwt.secretRef }} name: {{ .Values.secret.jwt.secretRef }} + key: {{ .Values.secret.jwt.secretRefKey.secret | default "secret" }} {{- else }} name: {{ include "supabase.secret.jwt" . }} - {{- end }} key: secret + {{- end }} - name: SUPABASE_ANON_KEY valueFrom: secretKeyRef: {{- if .Values.secret.jwt.secretRef }} name: {{ .Values.secret.jwt.secretRef }} + key: {{ .Values.secret.jwt.secretRefKey.anonKey | default "anonKey" }} {{- else }} name: {{ include "supabase.secret.jwt" . }} - {{- end }} key: anonKey + {{- end }} - name: SUPABASE_SERVICE_ROLE_KEY valueFrom: secretKeyRef: {{- if .Values.secret.jwt.secretRef }} name: {{ .Values.secret.jwt.secretRef }} + key: {{ .Values.secret.jwt.secretRefKey.serviceKey | default "serviceKey" }} {{- else }} name: {{ include "supabase.secret.jwt" . }} - {{- end }} key: serviceKey + {{- end }} - name: POSTGRES_BACKEND_URL value: $(DB_DRIVER)://$(DB_USERNAME):$(DB_PASSWORD_ENC)@$(DB_HOSTNAME):$(DB_PORT)/$(DB_DATABASE)?search_path=auth&sslmode=$(DB_SSL) {{- with .Values.functions.livenessProbe }} diff --git a/charts/supabase/templates/kong/deployment.yaml b/charts/supabase/templates/kong/deployment.yaml index 4ecc1591ccd2edfe12cf02aa6b45f5ad8e9da5fc..fcedfbbd28d25b66aaadf743af62f82d59733a83 100644 --- a/charts/supabase/templates/kong/deployment.yaml +++ b/charts/supabase/templates/kong/deployment.yaml @@ -46,38 +46,42 @@ spec: secretKeyRef: {{- if .Values.secret.jwt.secretRef }} name: {{ .Values.secret.jwt.secretRef }} + key: {{ .Values.secret.jwt.secretRefKey.anonKey | default "anonKey" }} {{- else }} name: {{ include "supabase.secret.jwt" . }} - {{- end }} key: anonKey + {{- end }} - name: SUPABASE_SERVICE_KEY valueFrom: secretKeyRef: {{- if .Values.secret.jwt.secretRef }} name: {{ .Values.secret.jwt.secretRef }} + key: {{ .Values.secret.jwt.secretRefKey.serviceKey | default "serviceKey" }} {{- else }} name: {{ include "supabase.secret.jwt" . }} - {{- end }} key: serviceKey + {{- end }} {{- if .Values.secret.dashboard }} - name: DASHBOARD_USERNAME valueFrom: secretKeyRef: {{- if .Values.secret.dashboard.secretRef }} name: {{ .Values.secret.dashboard.secretRef }} + key: {{ .Values.secret.dashboard.secretRefKey.username | default "username" }} {{- else }} name: {{ include "supabase.secret.dashboard" . }} - {{- end }} key: username + {{- end }} - name: DASHBOARD_PASSWORD valueFrom: secretKeyRef: {{- if .Values.secret.dashboard.secretRef }} name: {{ .Values.secret.dashboard.secretRef }} + key: {{ .Values.secret.dashboard.secretRefKey.password | default "password" }} {{- else }} name: {{ include "supabase.secret.dashboard" . }} - {{- end }} key: password + {{- end }} {{- end }} {{- with .Values.kong.livenessProbe }} livenessProbe: diff --git a/charts/supabase/templates/meta/deployment.yaml b/charts/supabase/templates/meta/deployment.yaml index 80f4ce125e37f81e20c58d2b465b6a04dcdcdc8c..2dac17b52caca572b192ac037d122d161d662e60 100644 --- a/charts/supabase/templates/meta/deployment.yaml +++ b/charts/supabase/templates/meta/deployment.yaml @@ -48,19 +48,21 @@ spec: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.password | default "password" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: password + {{- end }} - name: DB_NAME valueFrom: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.database | default "database" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: database + {{- end }} - name: PG_META_DB_HOST value: $(DB_HOST) - name: PG_META_DB_PORT diff --git a/charts/supabase/templates/realtime/deployment.yaml b/charts/supabase/templates/realtime/deployment.yaml index 06ddb3095f5285ccada024bc7dae64dd862749f4..4083a46f5a241bc283e295eca357ee16798b4bcb 100644 --- a/charts/supabase/templates/realtime/deployment.yaml +++ b/charts/supabase/templates/realtime/deployment.yaml @@ -44,10 +44,11 @@ spec: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.username | default "username" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: username + {{- end }} - name: DB_PORT value: {{ .Values.analytics.environment.DB_PORT | quote }} command: ["/bin/sh", "-c"] @@ -80,37 +81,41 @@ spec: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.password | default "password" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: password + {{- end }} - name: DB_NAME valueFrom: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.database | default "database" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: database + {{- end }} - name: JWT_SECRET valueFrom: secretKeyRef: {{- if .Values.secret.jwt.secretRef }} name: {{ .Values.secret.jwt.secretRef }} + key: {{ .Values.secret.jwt.secretRefKey.secret | default "secret" }} {{- else }} name: {{ include "supabase.secret.jwt" . }} - {{- end }} key: secret + {{- end }} - name: API_JWT_SECRET valueFrom: secretKeyRef: {{- if .Values.secret.jwt.secretRef }} name: {{ .Values.secret.jwt.secretRef }} + key: {{ .Values.secret.jwt.secretRefKey.secret | default "secret" }} {{- else }} name: {{ include "supabase.secret.jwt" . }} - {{- end }} key: secret + {{- end }} {{- with .Values.realtime.livenessProbe }} livenessProbe: {{- toYaml . | nindent 12 }} diff --git a/charts/supabase/templates/rest/deployment.yaml b/charts/supabase/templates/rest/deployment.yaml index 538d9d7c13837bda0de9f9e08643eb9768fc1531..8fc7fd6a441be45973e41b19a587fc7eb1c5375e 100644 --- a/charts/supabase/templates/rest/deployment.yaml +++ b/charts/supabase/templates/rest/deployment.yaml @@ -48,16 +48,17 @@ spec: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.password | default "password" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: password + {{- end }} - name: DB_PASSWORD_ENC valueFrom: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} - key: password + key: {{ .Values.secret.db.secretRefKey.password | default "password" }} {{- else }} name: {{ include "supabase.secret.db" . }} key: password_encoded @@ -67,10 +68,11 @@ spec: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.database | default "database" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: database + {{- end }} - name: PGRST_DB_URI value: $(DB_DRIVER)://$(DB_USER):$(DB_PASSWORD_ENC)@$(DB_HOST):$(DB_PORT)/$(DB_NAME)?sslmode=$(DB_SSL) - name: PGRST_JWT_SECRET @@ -78,19 +80,21 @@ spec: secretKeyRef: {{- if .Values.secret.jwt.secretRef }} name: {{ .Values.secret.jwt.secretRef }} + key: {{ .Values.secret.jwt.secretRefKey.secret | default "secret" }} {{- else }} name: {{ include "supabase.secret.jwt" . }} - {{- end }} key: secret + {{- end }} - name: JWT_EXPIRY valueFrom: secretKeyRef: {{- if .Values.secret.jwt.secretRef }} name: {{ .Values.secret.jwt.secretRef }} + key: {{ .Values.secret.jwt.secretRefKey.expiry | default "expiry" }} {{- else }} name: {{ include "supabase.secret.jwt" . }} - {{- end }} key: expiry + {{- end }} {{- with .Values.rest.livenessProbe }} livenessProbe: {{- toYaml . | nindent 12 }} diff --git a/charts/supabase/templates/secrets/analytics.yaml b/charts/supabase/templates/secrets/analytics.yaml index 83e7b42090fe5c693d89dc16facb6c15f7ba01c4..8710542fe0752894256b732126765df24411b6f1 100644 --- a/charts/supabase/templates/secrets/analytics.yaml +++ b/charts/supabase/templates/secrets/analytics.yaml @@ -1,4 +1,4 @@ -{{- if .Values.secret.analytics }} +{{- if not .Values.secret.analytics.secretRef }} apiVersion: v1 kind: Secret metadata: diff --git a/charts/supabase/templates/secrets/dashboard.yaml b/charts/supabase/templates/secrets/dashboard.yaml index f81ef57b3cbe3f5390a8418b7a6a417f6a553343..d0db4c7c138b5a9b779c8cb2a6ead299a09c7a78 100644 --- a/charts/supabase/templates/secrets/dashboard.yaml +++ b/charts/supabase/templates/secrets/dashboard.yaml @@ -1,4 +1,5 @@ {{- if .Values.secret.dashboard }} +{{- if not .Values.secret.dashboard.secretRef }} apiVersion: v1 kind: Secret metadata: @@ -11,3 +12,4 @@ data: {{ $key }}: {{ $value | b64enc }} {{- end }} {{- end }} +{{- end }} diff --git a/charts/supabase/templates/secrets/db.yaml b/charts/supabase/templates/secrets/db.yaml index 1a6a26e0ec25bc67e07bf9c9165d0361bcaf3823..21f5735e96f6620af793f80b4574d51a705304d9 100644 --- a/charts/supabase/templates/secrets/db.yaml +++ b/charts/supabase/templates/secrets/db.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.secret.db }} apiVersion: v1 kind: Secret metadata: @@ -10,3 +11,4 @@ data: {{ $key }}: {{ $value | b64enc }} {{- end }} password_encoded: {{ .Values.secret.db.password | urlquery | b64enc }} +{{- end }} diff --git a/charts/supabase/templates/secrets/jwt.yaml b/charts/supabase/templates/secrets/jwt.yaml index 5622d23243bc42a3536a95f236728f215793076a..b8d4296c2e405e15d33681285a26a56c36293488 100644 --- a/charts/supabase/templates/secrets/jwt.yaml +++ b/charts/supabase/templates/secrets/jwt.yaml @@ -1,4 +1,5 @@ {{- if .Values.secret.jwt }} +{{- if not .Values.secret.jwt.secretRef }} apiVersion: v1 kind: Secret metadata: @@ -11,3 +12,4 @@ data: {{ $key }}: {{ $value | toString | b64enc }} {{- end }} {{- end }} +{{- end }} diff --git a/charts/supabase/templates/secrets/s3.yaml b/charts/supabase/templates/secrets/s3.yaml index 1752e65812036aebba7e0ead11a27aaf8979c6a8..510610b05f7137083bc3cdb835684a423ce9f3de 100644 --- a/charts/supabase/templates/secrets/s3.yaml +++ b/charts/supabase/templates/secrets/s3.yaml @@ -1,4 +1,5 @@ {{- if .Values.secret.s3 }} +{{- if not .Values.secret.s3.secretRef }} apiVersion: v1 kind: Secret metadata: @@ -11,3 +12,4 @@ data: {{ $key }}: {{ $value | toString | b64enc }} {{- end }} {{- end }} +{{- end }} diff --git a/charts/supabase/templates/secrets/smtp.yaml b/charts/supabase/templates/secrets/smtp.yaml index 38b70b70878b6180df9ce993fb3876d7a27c5608..4dd4a9319ff0b307ef7a8e3d056a7c71ed71c99e 100644 --- a/charts/supabase/templates/secrets/smtp.yaml +++ b/charts/supabase/templates/secrets/smtp.yaml @@ -1,4 +1,5 @@ {{- if .Values.secret.smtp }} +{{- if not .Values.secret.smtp.secretRef }} apiVersion: v1 kind: Secret metadata: @@ -11,3 +12,4 @@ data: {{ $key }}: {{ $value | b64enc }} {{- end }} {{- end }} +{{- end }} diff --git a/charts/supabase/templates/storage/deployment.yaml b/charts/supabase/templates/storage/deployment.yaml index 613278312ac01bb9ca78addff06ac594838ad49b..4b93977602617f0ada76ed5e107f63bd50e979f5 100644 --- a/charts/supabase/templates/storage/deployment.yaml +++ b/charts/supabase/templates/storage/deployment.yaml @@ -45,10 +45,11 @@ spec: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.username | default "username" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: username + {{- end }} - name: DB_PORT value: {{ .Values.analytics.environment.DB_PORT | quote }} command: ["/bin/sh", "-c"] @@ -108,16 +109,17 @@ spec: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.password | default "password" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: password + {{- end }} - name: DB_PASSWORD_ENC valueFrom: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} - key: password + key: {{ .Values.secret.db.secretRefKey.password | default "password" }} {{- else }} name: {{ include "supabase.secret.db" . }} key: password_encoded @@ -127,10 +129,11 @@ spec: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.database | default "database" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: database + {{- end }} - name: DATABASE_URL value: $(DB_DRIVER)://$(DB_USER):$(DB_PASSWORD_ENC)@$(DB_HOST):$(DB_PORT)/$(DB_NAME)?search_path=auth&sslmode=$(DB_SSL) - name: PGRST_JWT_SECRET @@ -138,28 +141,31 @@ spec: secretKeyRef: {{- if .Values.secret.jwt.secretRef }} name: {{ .Values.secret.jwt.secretRef }} + key: {{ .Values.secret.jwt.secretRefKey.secret | default "secret" }} {{- else }} name: {{ include "supabase.secret.jwt" . }} - {{- end }} key: secret + {{- end }} - name: ANON_KEY valueFrom: secretKeyRef: {{- if .Values.secret.jwt.secretRef }} name: {{ .Values.secret.jwt.secretRef }} + key: {{ .Values.secret.jwt.secretRefKey.anonKey | default "anonKey" }} {{- else }} name: {{ include "supabase.secret.jwt" . }} - {{- end }} key: anonKey + {{- end }} - name: SERVICE_KEY valueFrom: secretKeyRef: {{- if .Values.secret.jwt.secretRef }} name: {{ .Values.secret.jwt.secretRef }} + key: {{ .Values.secret.jwt.secretRefKey.serviceKey | default "serviceKey" }} {{- else }} name: {{ include "supabase.secret.jwt" . }} - {{- end }} key: serviceKey + {{- end }} {{- if .Values.imgproxy.enabled }} - name: IMGPROXY_URL value: http://{{ include "supabase.imgproxy.fullname" . }}:{{ .Values.imgproxy.service.port | int }} diff --git a/charts/supabase/templates/studio/deployment.yaml b/charts/supabase/templates/studio/deployment.yaml index 90e9e16029a10f4d550a9472f4d9ec671a0b7c3e..dc4d9f8466a1490f9fea3ff5bf885c85777395aa 100644 --- a/charts/supabase/templates/studio/deployment.yaml +++ b/charts/supabase/templates/studio/deployment.yaml @@ -52,19 +52,21 @@ spec: secretKeyRef: {{- if .Values.secret.jwt.secretRef }} name: {{ .Values.secret.jwt.secretRef }} + key: {{ .Values.secret.jwt.secretRefKey.anonKey | default "anonKey" }} {{- else }} name: {{ include "supabase.secret.jwt" . }} - {{- end }} key: anonKey + {{- end }} - name: SUPABASE_SERVICE_KEY valueFrom: secretKeyRef: {{- if .Values.secret.jwt.secretRef }} name: {{ .Values.secret.jwt.secretRef }} + key: {{ .Values.secret.jwt.secretRefKey.serviceKey | default "serviceKey" }} {{- else }} name: {{ include "supabase.secret.jwt" . }} - {{- end }} key: serviceKey + {{- end }} {{- if .Values.analytics.enabled }} - name: LOGFLARE_URL value: http://{{ include "supabase.analytics.fullname" . }}:{{ .Values.analytics.service.port }} diff --git a/charts/supabase/templates/test/db.yaml b/charts/supabase/templates/test/db.yaml index 43a7be7d27edc609a515fa9ff76eaef4c42da6c0..296bcc3bb77ce5169c35901dea5e69f02a5a6ae2 100644 --- a/charts/supabase/templates/test/db.yaml +++ b/charts/supabase/templates/test/db.yaml @@ -30,10 +30,11 @@ spec: secretKeyRef: {{- if .Values.secret.db.secretRef }} name: {{ .Values.secret.db.secretRef }} + key: {{ .Values.secret.db.secretRefKey.username | default "username" }} {{- else }} name: {{ include "supabase.secret.db" . }} - {{- end }} key: username + {{- end }} - name: DB_PORT value: {{ .Values.auth.environment.DB_PORT | quote }} image: postgres:15-alpine diff --git a/charts/supabase/templates/vector/deployment.yaml b/charts/supabase/templates/vector/deployment.yaml index 890efcbcc12db9a42bdfb237e1eedeaa6d20837e..911ff08d5b24ee4db1c8e09d637255af818989f3 100644 --- a/charts/supabase/templates/vector/deployment.yaml +++ b/charts/supabase/templates/vector/deployment.yaml @@ -54,10 +54,11 @@ spec: secretKeyRef: {{- if .Values.secret.analytics.secretRef }} name: {{ .Values.secret.analytics.secretRef }} + key: {{ .Values.secret.analytics.secretRefKey.apiKey | default "apiKey" }} {{- else }} name: {{ include "supabase.secret.analytics" . }} - {{- end }} key: apiKey + {{- end }} {{- end }} {{- with .Values.vector.livenessProbe }} livenessProbe: diff --git a/charts/supabase/values.yaml b/charts/supabase/values.yaml index 640120d23f2ffbc850e85ca54378c9eba440b2a3..9f8e379240b8c61eb158744e2471a354caf735b9 100644 --- a/charts/supabase/values.yaml +++ b/charts/supabase/values.yaml @@ -24,6 +24,12 @@ secret: expiry: 3600 # specify existing secret, which takes precedence over variables above secretRef: "" + # override secret keys for existing secret refs + secretRefKey: + anonKey: anonKey + serviceKey: serviceKey + secret: secret + expiry: expiry # database credentials # these fields must be provided even if using external database db: @@ -32,17 +38,29 @@ secret: database: "" # specify existing secret, which takes precedence over variables above secretRef: "" + # override secret keys for existing secret refs + secretRefKey: + username: username + password: password + database: database # analytics Logflare API key analytics: apiKey: "" # specify existing secret, which takes precedence over variable above secretRef: "" + # override secret keys for existing secret refs + secretRefKey: + apiKey: apiKey # smtp will be used to reference secret including smtp credentials smtp: # username: "" # password: "" # specify existing secret, which takes precedence over variables above # secretRef: "" + # override secret keys for existing secret refs + secretRefKey: + username: username + password: password # secret used to access the studio dashboard # leave it empty to disable dashboard authentication dashboard: @@ -50,12 +68,20 @@ secret: # password: "" # specify existing secret, which takes precedence over variables above # secretRef: "" + # override secret keys for existing secret refs + secretRefKey: + username: username + password: password # S3 credentials for storage object bucket s3: # keyId: "" # accessKey: "" # specify existing secret, which takes precedence over variables above # secretRef: "" + # override secret keys for existing secret refs + secretRefKey: + keyId: keyId + accessKey: accessKey # Optional: Postgres Database # A standalone Postgres database configured to work with Supabase services.