From e0ee868c64cab5c74d04560046feebf087b9f1fb Mon Sep 17 00:00:00 2001 From: drpsyko101 <drpsyko101@gmail.com> Date: Sat, 13 Apr 2024 21:50:30 +0800 Subject: [PATCH] Fix JWT expiry value not being parsed --- charts/supabase/templates/rest/deployment.yaml | 6 +++--- charts/supabase/templates/secrets/db.yaml | 2 +- charts/supabase/templates/test/secretrefs.yaml | 1 - charts/supabase/values.yaml | 4 ++-- 4 files changed, 6 insertions(+), 7 deletions(-) diff --git a/charts/supabase/templates/rest/deployment.yaml b/charts/supabase/templates/rest/deployment.yaml index 8fc7fd6..e877fa6 100644 --- a/charts/supabase/templates/rest/deployment.yaml +++ b/charts/supabase/templates/rest/deployment.yaml @@ -85,15 +85,15 @@ spec: name: {{ include "supabase.secret.jwt" . }} key: secret {{- end }} - - name: JWT_EXPIRY + - name: PGRST_APP_SETTINGS_JWT_SECRET valueFrom: secretKeyRef: {{- if .Values.secret.jwt.secretRef }} name: {{ .Values.secret.jwt.secretRef }} - key: {{ .Values.secret.jwt.secretRefKey.expiry | default "expiry" }} + key: {{ .Values.secret.jwt.secretRefKey.secret | default "secret" }} {{- else }} name: {{ include "supabase.secret.jwt" . }} - key: expiry + key: secret {{- end }} {{- with .Values.rest.livenessProbe }} livenessProbe: diff --git a/charts/supabase/templates/secrets/db.yaml b/charts/supabase/templates/secrets/db.yaml index 5128699..8cd9791 100644 --- a/charts/supabase/templates/secrets/db.yaml +++ b/charts/supabase/templates/secrets/db.yaml @@ -9,7 +9,7 @@ type: Opaque data: {{- range $key, $value := .Values.secret.db }} {{- if $value }} -{{- if eq (typeOf $value) "string" }} +{{- if or (eq (typeOf $value) "string") (eq (typeOf $value) "numeric") }} {{ $key }}: {{ $value | b64enc }} {{- end }} {{- end }} diff --git a/charts/supabase/templates/test/secretrefs.yaml b/charts/supabase/templates/test/secretrefs.yaml index 50a0558..51245ac 100644 --- a/charts/supabase/templates/test/secretrefs.yaml +++ b/charts/supabase/templates/test/secretrefs.yaml @@ -14,7 +14,6 @@ data: anonKey: ZXlKaGJHY2lPaUpJVXpJMU5pSXNJblI1Y0NJNklrcFhWQ0o5LmV5QWdDaUFnSUNBaWNtOXNaU0k2SUNKaGJtOXVJaXdLSUNBZ0lDSnBjM01pT2lBaWMzVndZV0poYzJVdFpHVnRieUlzQ2lBZ0lDQWlhV0YwSWpvZ01UWTBNVGMyT1RJd01Dd0tJQ0FnSUNKbGVIQWlPaUF4TnprNU5UTTFOakF3Q24wLmRjX1g1aVJfVlBfcVQwenNpeWpfSV9PWjJUOUZ0UlUyQkJOV044QnU0R0U= serviceKey: ZXlKaGJHY2lPaUpJVXpJMU5pSXNJblI1Y0NJNklrcFhWQ0o5LmV5QWdDaUFnSUNBaWNtOXNaU0k2SUNKelpYSjJhV05sWDNKdmJHVWlMQW9nSUNBZ0ltbHpjeUk2SUNKemRYQmhZbUZ6WlMxa1pXMXZJaXdLSUNBZ0lDSnBZWFFpT2lBeE5qUXhOelk1TWpBd0xBb2dJQ0FnSW1WNGNDSTZJREUzT1RrMU16VTJNREFLZlEuRGFZbE5Fb1VyckVuMklnN3RxaWJTLVBISzV2Z3VzYmNibzdYMzZYVnQ0UQ== secret: eW91ci1zdXBlci1zZWNyZXQtand0LXRva2VuLXdpdGgtYXQtbGVhc3QtMzItY2hhcmFjdGVycy1sb25n - expiry: MzYwMA== {{- end }} {{- if .Values.secret.smtp.secretRef }} --- diff --git a/charts/supabase/values.yaml b/charts/supabase/values.yaml index 9f8e379..62dbe13 100644 --- a/charts/supabase/values.yaml +++ b/charts/supabase/values.yaml @@ -21,7 +21,6 @@ secret: anonKey: "" serviceKey: "" secret: "" - expiry: 3600 # specify existing secret, which takes precedence over variables above secretRef: "" # override secret keys for existing secret refs @@ -29,7 +28,6 @@ secret: anonKey: anonKey serviceKey: serviceKey secret: secret - expiry: expiry # database credentials # these fields must be provided even if using external database db: @@ -125,6 +123,7 @@ db: POSTGRES_HOST: /var/run/postgresql PGPORT: "5432" POSTGRES_PORT: "5432" + JWT_EXP: 3600 # POSTGRES_HOST_AUTH_METHOD: md5 # Enable SSL for postgres by specifying paths for mounted certificate key pair # POSTGRES_SSL_CERT: /path/to/ssl/server.crt @@ -388,6 +387,7 @@ rest: PGRST_DB_SCHEMAS: public,storage,graphql_public PGRST_DB_ANON_ROLE: anon PGRST_DB_USE_LEGACY_GUCS: false + PGRST_APP_SETTINGS_JWT_EXP: 3600 # volumeMounts: # - name: volume_name # mountPath: /path/to/my/secret -- GitLab