innohub/k3s
7
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
99c68943543d58e271939df64032c4ff17aea832
k3s/argocd/apps/plane/plane-secret-patcher.yaml
titver968 99c6894354 plane secret patcher
2025-11-18 10:17:20 +01:00

100 lines
3.1 KiB
YAML
Raw Blame History

apiVersion: batch/v1
kind: Job
metadata:
name: plane-secret-patcher
namespace: plane
annotations:
argocd.argoproj.io/hook: PostSync
argocd.argoproj.io/hook-delete-policy: BeforeHookCreation
spec:
template:
spec:
serviceAccountName: plane-secret-patcher
restartPolicy: Never
containers:
- name: patcher
image: bitnami/kubectl:latest
command:
- /bin/sh
- -c
- |
# Patch plane-app-secrets
kubectl patch secret plane-app-secrets -n plane --type='json' -p='[
{"op": "replace", "path": "/data/DATABASE_URL", "value": "'$(echo -n "postgresql://plane:plane@plane-pgdb:5432/plane" | base64)'"},
{"op": "replace", "path": "/data/REDIS_URL", "value": "'$(echo -n "redis://plane-redis:6379/" | base64)'"},
{"op": "replace", "path": "/data/AMQP_URL", "value": "'$(echo -n "amqp://plane:plane@plane-rabbitmq/" | base64)'"}
]'
# Patch plane-live-secrets
kubectl patch secret plane-live-secrets -n plane --type='json' -p='[
{"op": "replace", "path": "/data/REDIS_URL", "value": "'$(echo -n "redis://plane-redis:6379/" | base64)'"}
]'
# Patch plane-doc-store-secrets - füge Region hinzu
# kubectl patch secret plane-doc-store-secrets -n plane --type='json' -p='[
# {"op": "replace", "path": "/data/AWS_REGION", "value": "'$(echo -n "eu-central-1" | base64)'"}
# ]'
echo "Secrets patched successfully"
kubectl patch deployment plane-api-wl -n plane --type='json' -p='[
{
"op": "add",
"path": "/spec/template/spec/dnsConfig",
"value": {
"options": [{"name": "ndots", "value": "1"}]
}
}
]'
# Patch Worker Deployment
kubectl patch deployment plane-worker-wl -n plane --type='json' -p='[
{
"op": "add",
"path": "/spec/template/spec/dnsConfig",
"value": {
"options": [{"name": "ndots", "value": "1"}]
}
}
]'
# Patch Beat Worker
kubectl patch deployment plane-beat-worker-wl -n plane --type='json' -p='[
{
"op": "add",
"path": "/spec/template/spec/dnsConfig",
"value": {
"options": [{"name": "ndots", "value": "1"}]
}
}
]'
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: plane-secret-patcher
namespace: plane
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: plane-secret-patcher
namespace: plane
rules:
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "patch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: plane-secret-patcher
namespace: plane
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: plane-secret-patcher
subjects:
- kind: ServiceAccount
name: plane-secret-patcher
namespace: plane
Reference in New Issue View Git Blame Copy Permalink