643504d89b
- Add *.sqlite* patterns to .gitignore - Expand .dockerignore to exclude chart/, docs/, .github/, etc. - Add HEALTHCHECK instruction to Dockerfile - Fix Helm chart: preserve JWT secret across upgrades (lookup), add securityContext, conditional PVC creation, resource defaults - Remove hardcoded demo credentials from MCP.md - Complete .env.example with all configurable environment variables https://claude.ai/code/session_01SoQKcF5Rz9Y8Nzo4PzkxY8
30 lines
1.0 KiB
YAML
30 lines
1.0 KiB
YAML
{{- if and (not .Values.existingSecret) (not .Values.generateJwtSecret) }}
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: {{ include "trek.fullname" . }}-secret
|
|
labels:
|
|
app: {{ include "trek.name" . }}
|
|
type: Opaque
|
|
data:
|
|
{{ .Values.existingSecretKey | default "JWT_SECRET" }}: {{ .Values.secretEnv.JWT_SECRET | b64enc | quote }}
|
|
{{- end }}
|
|
|
|
{{- if and (not .Values.existingSecret) (.Values.generateJwtSecret) }}
|
|
{{- $secretName := printf "%s-secret" (include "trek.fullname" .) }}
|
|
{{- $existingSecret := (lookup "v1" "Secret" .Release.Namespace $secretName) }}
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: {{ $secretName }}
|
|
labels:
|
|
app: {{ include "trek.name" . }}
|
|
type: Opaque
|
|
stringData:
|
|
{{- if and $existingSecret $existingSecret.data }}
|
|
{{ .Values.existingSecretKey | default "JWT_SECRET" }}: {{ index $existingSecret.data (.Values.existingSecretKey | default "JWT_SECRET") | b64dec }}
|
|
{{- else }}
|
|
{{ .Values.existingSecretKey | default "JWT_SECRET" }}: {{ randAlphaNum 32 }}
|
|
{{- end }}
|
|
{{- end }}
|