k3s/argocd/apps/plane/plane-secret-patcher.yaml

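# Argo CD PostSync hook: after each sync, rewrite the connection settings
# stored in the Plane secrets. BeforeHookCreation removes the previous Job
# before a new one is created, so the hook can run on every sync.
#
# NOTE(security): the URLs below embed static credentials (plane:plane) in a
# manifest that is stored in Git and shows up in the pod spec. Prefer sourcing
# them from a secret store (sealed/external secrets) instead of inlining them.
apiVersion: batch/v1
kind: Job
metadata:
  name: plane-secret-patcher
  namespace: plane
  annotations:
    argocd.argoproj.io/hook: PostSync
    argocd.argoproj.io/hook-delete-policy: BeforeHookCreation
spec:
  template:
    spec:
      serviceAccountName: plane-secret-patcher
      restartPolicy: Never
      containers:
        - name: patcher
          # NOTE(security): ":latest" is a mutable tag, and this container runs
          # with a token that can patch Secrets. Pin a fixed version and
          # digest, e.g. bitnami/kubectl:<VERSION>@sha256:<DIGEST>.
          image: bitnami/kubectl:latest
          # kubectl needs no extra privileges; drop what the runtime grants
          # by default.
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
            seccompProfile:
              type: RuntimeDefault
          command:
            - /bin/sh
            - -c
            - |
              # Abort on the first failing patch. Without this the script
              # always ends with the echo below and the hook reports success
              # even when nothing was patched.
              set -eu

              # Secret .data values must be base64. The $(...) substitutions
              # are unquoted, so each encoded value has to stay on one line;
              # GNU base64 wraps output after 76 characters.

              # Patch plane-app-secrets
              kubectl patch secret plane-app-secrets -n plane --type='json' -p='[
                {"op": "replace", "path": "/data/DATABASE_URL", "value": "'$(echo -n "postgresql://plane:plane@plane-pgdb:5432/plane" | base64)'"},
                {"op": "replace", "path": "/data/REDIS_URL", "value": "'$(echo -n "redis://plane-redis:6379/" | base64)'"},
                {"op": "replace", "path": "/data/AMQP_URL", "value": "'$(echo -n "amqp://plane:plane@plane-rabbitmq/" | base64)'"}
              ]'
              # Patch plane-live-secrets
              kubectl patch secret plane-live-secrets -n plane --type='json' -p='[
                {"op": "replace", "path": "/data/REDIS_URL", "value": "'$(echo -n "redis://plane-redis:6379/" | base64)'"}
              ]'
              # Patch plane-doc-store-secrets - add the region.
              # JSON Patch "replace" fails when the key is missing; "add"
              # creates it and still overwrites an existing value.
              kubectl patch secret plane-doc-store-secrets -n plane --type='json' -p='[
                {"op": "add", "path": "/data/AWS_REGION", "value": "'$(echo -n "eu-central-1" | base64)'"}
              ]'
              echo "Secrets patched successfully"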
---
# Identity the patcher Job runs as. It carries no permissions by itself;
# access comes from the RoleBinding that names this account.
apiVersion: v1
kind: ServiceAccount
metadata:
  namespace: plane
  name: plane-secret-patcher
---
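# Permissions for the patcher Job: read and patch only the three secrets it
# touches. Without resourceNames the rule would cover every Secret in the
# namespace, so a compromised patcher pod could read or alter all of them.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: plane-secret-patcher
  namespace: plane
rules:
  - apiGroups: [""]
    resources: ["secrets"]
    # Keep this list in sync with the secrets named in the Job's script.
    resourceNames:
      - plane-app-secrets
      - plane-live-secrets
      - plane-doc-store-secrets
    verbs: ["get", "patch"]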
---
# Grants the plane-secret-patcher Role to the ServiceAccount of the same name,
# limited to the plane namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  namespace: plane
  name: plane-secret-patcher
subjects:
  - kind: ServiceAccount
    namespace: plane
    name: plane-secret-patcher
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: plane-secret-patcher