diff --git a/charts/sapl/v0.2.0/templates/deployment.yaml b/charts/sapl/v0.2.0/templates/deployment.yaml index 46864cc..18d728d 100644 --- a/charts/sapl/v0.2.0/templates/deployment.yaml +++ b/charts/sapl/v0.2.0/templates/deployment.yaml @@ -94,12 +94,9 @@ spec: {{- toYaml .Values.resources | nindent 12 }} volumes: - name: data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: data - {{- else }} - emptyDir: {} - {{- end }} + secret: + defaultMode: 440 + secretName: {{ include "sapl.fullname" . }}-secretkey - name: media {{- if .Values.persistence.enabled }} persistentVolumeClaim: diff --git a/charts/sapl/v0.2.0/templates/pvc-data.yaml b/charts/sapl/v0.2.0/templates/pvc-data.yaml deleted file mode 100644 index b1e7306..0000000 --- a/charts/sapl/v0.2.0/templates/pvc-data.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if .Values.persistence.enabled }} -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: data -spec: - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end }} diff --git a/charts/sapl/v0.2.0/templates/secretkey.yaml b/charts/sapl/v0.2.0/templates/secretkey.yaml new file mode 100644 index 0000000..f27680c --- /dev/null +++ b/charts/sapl/v0.2.0/templates/secretkey.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "sapl.fullname" . }}-secretkey + labels: + {{- include "sapl.labels" . | nindent 4 }} +type: Opaque +data: +{{- if .Release.IsUpgrade }} + secret.key: {{ index (lookup "v1" "Secret" .Release.Namespace (printf "%s-secretkey" (include "sapl.fullname" .))).data "secret.key" }} +{{ else }} # install operation + secret.key: {{ randAscii 50 | b64enc }} +{{ end }} \ No newline at end of file