pulsar-manager adding support for existing secret (#478)

2024-03-26 05:26:37 -07:00 · 2024-03-26 05:26:37 -07:00 · bc5862d4b0
commit bc5862d4b0
parent 3dee8dfe3b
4 changed files with 24 additions and 1 deletions
--- a/charts/pulsar/templates/pulsar-manager-admin-secret.yaml
+++ b/charts/pulsar/templates/pulsar-manager-admin-secret.yaml
@ -17,7 +17,7 @@
 # under the License.
 #

-{{- if .Values.components.pulsar_manager }}
+{{- if and .Values.components.pulsar_manager ( not .Values.pulsar_manager.admin.existingSecret ) }}
 apiVersion: v1
 kind: Secret
 metadata:
--- a/charts/pulsar/templates/pulsar-manager-cluster-initialize.yaml
+++ b/charts/pulsar/templates/pulsar-manager-cluster-initialize.yaml
@ -151,12 +151,20 @@ spec:
            - name: USERNAME
              valueFrom:
                secretKeyRef:
+                  {{- if .Values.pulsar_manager.admin.existingSecret }}
+                  name: {{ .Values.pulsar_manager.admin.existingSecret | quote }}
+                  {{- else }}
                  name: "{{ template "pulsar.fullname" . }}-{{ .Values.pulsar_manager.component }}-secret"
+                  {{- end }}
                  key: UI_USERNAME
            - name: PASSWORD
              valueFrom:
                secretKeyRef:
+                  {{- if .Values.pulsar_manager.admin.existingSecret }}
+                  name: {{ .Values.pulsar_manager.admin.existingSecret | quote }}
+                  {{- else }}
                  name: "{{ template "pulsar.fullname" . }}-{{ .Values.pulsar_manager.component }}-secret"
+                  {{- end }}
                  key: UI_PASSWORD
 {{- end }}
 {{- end }}
--- a/charts/pulsar/templates/pulsar-manager-statefulset.yaml
+++ b/charts/pulsar/templates/pulsar-manager-statefulset.yaml
@ -84,12 +84,20 @@ spec:
          - name: USERNAME
            valueFrom:
              secretKeyRef:
+                {{- if .Values.pulsar_manager.admin.existingSecret }}
+                name: {{ .Values.pulsar_manager.admin.existingSecret | quote }}
+                {{- else }}
                name: "{{ template "pulsar.fullname" . }}-{{ .Values.pulsar_manager.component }}-secret"
+                {{- end }}
                key: DB_USERNAME
          - name: PASSWORD
            valueFrom:
              secretKeyRef:
+                {{- if .Values.pulsar_manager.admin.existingSecret }}
+                name: {{ .Values.pulsar_manager.admin.existingSecret | quote }}
+                {{- else }}
                name: "{{ template "pulsar.fullname" . }}-{{ .Values.pulsar_manager.component }}-secret"
+                {{- end }}
                key: DB_PASSWORD
          - name: PULSAR_MANAGER_OPTS
            value: "$(PULSAR_MANAGER_OPTS) -Dlog4j2.formatMsgNoLookups=true"
--- a/charts/pulsar/values.yaml
+++ b/charts/pulsar/values.yaml
@ -1316,6 +1316,13 @@ pulsar_manager:
  ## And decode any key by using:
  ## kubectl get secret -l component=pulsar-manager -o=jsonpath="{.items[0].data.UI_PASSWORD}" | base64 --decode
  admin:
+    ## Setting a value at existingSecret disables automatic creation of the secret for pulsar_manager admin credentials and instead uses an existing secret to initialize pulsar-manager
+    ## The existing secret should have the following keys:
+    ## DB_PASSWORD: <database password>
+    ## DB_USERNAME: <database username>
+    ## UI_PASSWORD: <UI password>
+    ## UI_USERNAME: <UI username>
+    existingSecret: ""
    ui_username: "pulsar"
    ui_password: ""  # leave empty for random password
    db_username: "pulsar"