Update chartmuseum to use secret and authentication

This commit is contained in:
Nico Schottelius 2021-07-26 14:31:28 +02:00
parent 730dfbf612
commit 7a9034df78
3 changed files with 26 additions and 8 deletions

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: ungleich-chartmuseum
description: Chartmuseum for the ungleich infrastructure
version: 0.1.1
version: 0.2.1
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to

View File

@ -1,15 +1,16 @@
## Missing
* SSL/TLS
* Letsencrypt on port 80
* Chartmuseum on 443
* Reload?
* Authentication
* Secret -> generate
* Secret -> sops
* SSL/TLS automatic reload
* Cronjob?
* Trigger from ungleich-certbot?
* Authentication via sops Secret
## Done
* Basic chartmuseum
* helm push works
* SSL/TLS
* Letsencrypt on port 80
* Chartmuseum on 443
* Authentication via generated secret

View File

@ -59,6 +59,16 @@ spec:
value: "local"
- name: STORAGE_LOCAL_ROOTDIR
value: "/charts"
- name: BASIC_AUTH_USER
valueFrom:
secretKeyRef:
name: {{ tpl .Values.identifier . }}
key: username
- name: BASIC_AUTH_PASS
valueFrom:
secretKeyRef:
name: {{ tpl .Values.identifier . }}
key: password
volumeMounts:
- name: etcletsencrypt
mountPath: "/etc/letsencrypt"
@ -173,3 +183,10 @@ spec:
persistentVolumeClaim:
claimName: {{ tpl .Values.identifier . }}-letsencrypt-certs
backoffLimit: 3
---
apiVersion: v1
kind: Secret
metadata:
name: {{ tpl .Values.identifier . }}
annotations:
secret-generator.v1.mittwald.de/type: basic-auth