diff --git a/charts/redis-ha/Chart.yaml b/charts/redis-ha/Chart.yaml index a04c9aa..b48a3db 100644 --- a/charts/redis-ha/Chart.yaml +++ b/charts/redis-ha/Chart.yaml @@ -5,7 +5,7 @@ keywords: - redis - keyvalue - database -version: 4.23.0 +version: 4.23.1 appVersion: 7.0.9 description: This Helm chart provides a highly available Redis implementation with a master/slave configuration and uses Sentinel sidecars for failover management icon: https://upload.wikimedia.org/wikipedia/en/thumb/6/6b/Redis_Logo.svg/1200px-Redis_Logo.svg.png diff --git a/charts/redis-ha/templates/redis-auth-secret.yaml b/charts/redis-ha/templates/redis-auth-secret.yaml index a1fd631..1a878ef 100644 --- a/charts/redis-ha/templates/redis-auth-secret.yaml +++ b/charts/redis-ha/templates/redis-auth-secret.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.auth (not .Values.existingSecret) -}} +{{- if and .Values.auth (not (tpl (.Values.existingSecret | default "" ) . )) -}} apiVersion: v1 kind: Secret metadata: diff --git a/charts/redis-ha/templates/redis-ha-secret.yaml b/charts/redis-ha/templates/redis-ha-secret.yaml index 91cc7f2..79e77e3 100644 --- a/charts/redis-ha/templates/redis-ha-secret.yaml +++ b/charts/redis-ha/templates/redis-ha-secret.yaml @@ -1,4 +1,4 @@ -{{- if not .Values.restore.existingSecret }} +{{- if not (tpl (.Values.restore.existingSecret | default "" ) . ) }} {{- $regexRestoreS3 := "^s3://.+|^S3://.+" -}} diff --git a/charts/redis-ha/templates/redis-ha-serviceaccount.yaml b/charts/redis-ha/templates/redis-ha-serviceaccount.yaml index e8894c1..b37881f 100644 --- a/charts/redis-ha/templates/redis-ha-serviceaccount.yaml +++ b/charts/redis-ha/templates/redis-ha-serviceaccount.yaml @@ -16,10 +16,10 @@ metadata: secrets: {{- end }} {{- if .Values.auth }} -- name: {{ default (include "redis-ha.fullname" .) .Values.existingSecret }} +- name: {{ default (include "redis-ha.fullname" .) (tpl (.Values.existingSecret | default "" ) . ) }} {{- end }} {{- if .Values.sentinel.auth }} -- name: {{ default (printf "%s-sentinel" (include "redis-ha.fullname" .)) .Values.sentinel.existingSecret }} +- name: {{ default (printf "%s-sentinel" (include "redis-ha.fullname" .)) (tpl (.Values.sentinel.existingSecret | default "" ) . ) }} {{- end }} {{- if .Values.imagePullSecrets }} imagePullSecrets: {{ toYaml .Values.imagePullSecrets | nindent 0 }} diff --git a/charts/redis-ha/templates/redis-ha-statefulset.yaml b/charts/redis-ha/templates/redis-ha-statefulset.yaml index 251beba..6202b1b 100644 --- a/charts/redis-ha/templates/redis-ha-statefulset.yaml +++ b/charts/redis-ha/templates/redis-ha-statefulset.yaml @@ -154,8 +154,8 @@ spec: - name: AUTH valueFrom: secretKeyRef: - {{- if .Values.existingSecret }} - name: {{ .Values.existingSecret }} + {{- if tpl (.Values.existingSecret | default "" ) . }} + name: {{ tpl (.Values.existingSecret | default "" ) . }} {{- else }} name: {{ template "redis-ha.fullname" . }} {{- end }} @@ -165,8 +165,8 @@ spec: - name: SENTINELAUTH valueFrom: secretKeyRef: - {{- if .Values.sentinel.existingSecret }} - name: {{ .Values.sentinel.existingSecret }} + {{- if tpl (.Values.sentinel.existingSecret | default "" ) . }} + name: {{ tpl (.Values.sentinel.existingSecret | default "" ) . }} {{- else }} name: {{ template "redis-ha.fullname" . }}-sentinel {{- end }} @@ -200,8 +200,8 @@ spec: && mv -v /data/dump.rdb_ /data/dump.rdb" envFrom: - secretRef: - {{- if .Values.restore.existingSecret }} - name: {{ .Values.existingSecret }} + {{- if tpl (.Values.restore.existingSecret | default "" ) . }} + name: {{ tpl (.Values.existingSecret | default "" ) . }} # This one is suspicious, one would expect restore.existingSecret as well {{- else }} name: {{ include "redis-ha.fullname" . }}-secret {{- end }} @@ -234,8 +234,8 @@ spec: securityContext: {{ toYaml .Values.containerSecurityContext | nindent 10 }} envFrom: - secretRef: - {{- if .Values.restore.existingSecret }} - name: {{ .Values.existingSecret }} + {{- if tpl (.Values.restore.existingSecret | default "" ) . }} + name: {{ tpl (.Values.existingSecret | default "" ) . }} # This one is suspicious, one would expect restore.existingSecret as well {{- else }} name: {{ include "redis-ha.fullname" . }}-secret {{- end }} @@ -260,8 +260,8 @@ spec: - name: AUTH valueFrom: secretKeyRef: - {{- if .Values.existingSecret }} - name: {{ .Values.existingSecret }} + {{- if tpl (.Values.existingSecret | default "" ) . }} + name: {{ tpl (.Values.existingSecret | default "" ) . }} {{- else }} name: {{ template "redis-ha.fullname" . }} {{- end }} @@ -331,8 +331,8 @@ spec: - name: AUTH valueFrom: secretKeyRef: - {{- if .Values.existingSecret }} - name: {{ .Values.existingSecret }} + {{- if tpl (.Values.existingSecret | default "" ) . }} + name: {{ tpl (.Values.existingSecret | default "" ) . }} {{- else }} name: {{ template "redis-ha.fullname" . }} {{- end }} @@ -342,8 +342,8 @@ spec: - name: SENTINELAUTH valueFrom: secretKeyRef: - {{- if .Values.sentinel.existingSecret }} - name: {{ .Values.sentinel.existingSecret }} + {{- if tpl (.Values.sentinel.existingSecret | default "" ) . }} + name: {{ tpl (.Values.sentinel.existingSecret | default "" ) . }} {{- else }} name: {{ template "redis-ha.fullname" . }}-sentinel {{- end }} @@ -416,8 +416,8 @@ spec: - name: AUTH valueFrom: secretKeyRef: - {{- if .Values.existingSecret }} - name: {{ .Values.existingSecret }} + {{- if tpl (.Values.existingSecret | default "" ) . }} + name: {{ tpl (.Values.existingSecret | default "" ) . }} {{- else }} name: {{ template "redis-ha.fullname" . }} {{- end }} @@ -427,8 +427,8 @@ spec: - name: SENTINELAUTH valueFrom: secretKeyRef: - {{- if .Values.sentinel.existingSecret }} - name: {{ .Values.sentinel.existingSecret }} + {{- if tpl (.Values.sentinel.existingSecret | default "" ) . }} + name: {{ tpl (.Values.sentinel.existingSecret | default "" ) . }} {{- else }} name: {{ template "redis-ha.fullname" . }}-sentinel {{- end }} @@ -467,8 +467,8 @@ spec: - name: REDIS_PASSWORD valueFrom: secretKeyRef: - {{- if .Values.existingSecret }} - name: {{ .Values.existingSecret }} + {{- if tpl (.Values.existingSecret | default "" ) . }} + name: {{ tpl (.Values.existingSecret | default "" ) . }} {{- else }} name: {{ template "redis-ha.fullname" . }} {{- end }} @@ -541,8 +541,8 @@ spec: {{- if .Values.redis.tlsPort }} - name: tls-certs secret: - {{- if .Values.tls.secretName }} - secretName: {{ .Values.tls.secretName }} + {{- if tpl (.Values.tls.secretName | default "" ) . }} + secretName: {{ tpl (.Values.tls.secretName | default "" ) . }} {{- else }} secretName: {{ template "redis-ha.fullname" . }}-tls-secret {{- end }} diff --git a/charts/redis-ha/templates/redis-haproxy-deployment.yaml b/charts/redis-ha/templates/redis-haproxy-deployment.yaml index 8ca265c..94df868 100644 --- a/charts/redis-ha/templates/redis-haproxy-deployment.yaml +++ b/charts/redis-ha/templates/redis-haproxy-deployment.yaml @@ -121,8 +121,8 @@ spec: - name: AUTH valueFrom: secretKeyRef: - {{- if .Values.existingSecret }} - name: {{ .Values.existingSecret }} + {{- if tpl (.Values.existingSecret | default "" ) . }} + name: {{ tpl (.Values.existingSecret | default "" ) . }} {{- else }} name: {{ template "redis-ha.fullname" . }} {{- end }} @@ -132,8 +132,8 @@ spec: - name: SENTINELAUTH valueFrom: secretKeyRef: - {{- if .Values.sentinel.existingSecret }} - name: {{ .Values.sentinel.existingSecret }} + {{- if tpl (.Values.sentinel.existingSecret | default "" ) . }} + name: {{ tpl (.Values.sentinel.existingSecret | default "" ) . }} {{- else }} name: {{ template "redis-ha.fullname" . }}-sentinel {{- end }} @@ -183,7 +183,7 @@ spec: {{- if .Values.haproxy.tls.enabled }} - name: pemfile secret: - secretName: {{ .Values.haproxy.tls.secretName }} + secretName: {{ tpl .Values.haproxy.tls.secretName . }} {{- end }} - name: config-volume configMap: diff --git a/charts/redis-ha/templates/redis-tls-secret.yaml b/charts/redis-ha/templates/redis-tls-secret.yaml index d303470..e430f3a 100644 --- a/charts/redis-ha/templates/redis-tls-secret.yaml +++ b/charts/redis-ha/templates/redis-tls-secret.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.redis.tlsPort (not .Values.tls.secretName) -}} +{{- if and .Values.redis.tlsPort (not (tpl (.Values.tls.secretName | default "" ) . )) -}} apiVersion: v1 kind: Secret metadata: diff --git a/charts/redis-ha/templates/sentinel-auth-secret.yaml b/charts/redis-ha/templates/sentinel-auth-secret.yaml index d351be6..ced9aac 100644 --- a/charts/redis-ha/templates/sentinel-auth-secret.yaml +++ b/charts/redis-ha/templates/sentinel-auth-secret.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.sentinel.auth (not .Values.sentinel.existingSecret) -}} +{{- if and .Values.sentinel.auth (not (tpl ( .Values.sentinel.existingSecret | default "" ) . )) -}} apiVersion: v1 kind: Secret metadata: diff --git a/charts/redis-ha/values.yaml b/charts/redis-ha/values.yaml index 0f14820..a47bad8 100644 --- a/charts/redis-ha/values.yaml +++ b/charts/redis-ha/values.yaml @@ -71,6 +71,7 @@ haproxy: ## Enable TLS termination on HAproxy, This will create a volume mount tls: enabled: false + ## Supports templates like "{{ .Release.Name }}-haproxy-tls" secretName: "" keyName: certMountPath: /tmp/ @@ -331,7 +332,8 @@ sentinel: # password: password - ## Use existing secret containing key `authKey` (ignores sentinel.password) + ## Use existing secret containing key `authKey` (ignores sentinel.password). + ## Supports templates like "{{ .Release.Name }}-sentinel-creds" # existingSecret: sentinel-secret ## Defines the key holding the sentinel password in existing secret. @@ -555,6 +557,7 @@ auth: false ## Use existing secret containing key `authKey` (ignores redisPassword) ## Can also store AWS S3 or SSH secrets in this secret +## Supports templates like "{{ .Release.Name }}-creds" # existingSecret: ## Defines the key holding the redis password in existing secret. @@ -595,7 +598,8 @@ emptyDir: {} tls: ## Fill the name of secret if you want to use your own TLS certificates. ## The secret should contains keys named by "tls.certFile" - the certificate, "tls.keyFile" - the private key, "tls.caCertFile" - the certificate of CA and "tls.dhParamsFile" - the dh parameter file - ## These secret will be genrated using files from certs folder if the secretName is not set and redis.tlsPort is set + ## Supports templates like "{{ .Release.Name }}-tls" + ## This secret will be generated using files from certs folder if the secretName is not set and redis.tlsPort is set # secretName: tls-secret ## Name of certificate file