[Helm] How to use externally managed k8s secret for postgres credentials? #19019
Unanswered
theelderbeever
asked this question in
Q&A
Replies: 1 comment
-
|
I, like you, missed line 8 of the global:
postgresqlSecretName: "dagster-postgresql-secret"Some more reading - name: DAGSTER_PG_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "dagsterUserDeployments.postgresql.secretName" $ }}
key: postgresql-passwordYeah, not exactly the same variables, but could that be? So I deleted the existing kubectl create secret generic dagster-postgresql-secret \
--from-literal=postgresql-password=${PASSWORD}And of course, I configured my postgresql:
enabled: false
postgresqlHost: "pg-sqlproxy-gcloud-sqlproxy.${mynamespace}"
postgresqlUsername: ${myuser}
postgresqlPassword: ""
postgresqlDatabase: ${mydb}
generatePostgresqlPasswordSecret: false
|
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
I am attempting to deploy the Dagster helm chart with ArgoCD. To this end we can't embed secrets directly in the chart. I would like to be able to point the chart at a secret that is managed outside of the helm chart for Dagster to read the postgres credentials from.
In the chart there is
.Values.global.postgresqlSecretNamehere which would seem to imply that you can manage this separately. However, further down in the.Values.postgresqlhere it is implied that the values for postgres, namelypostgresqlPasswordwill exclusively be read from the values file. When deploying the chart this seems to be the behavior as well.So my question comes down to
.Values.global.postgresqlSecretName?Many thanks to anyone who has an answer!
Also yes I know there is a draft PR loosely revolving around this subject however, I think my main issue is question 1 from above.
Beta Was this translation helpful? Give feedback.
All reactions