Browse Source

Update chartmuseum to use secret and authentication

master
Nico Schottelius 1 year ago
parent
commit
7a9034df78
  1. 2
      apps/chartmuseum/Chart.yaml
  2. 15
      apps/chartmuseum/README.md
  3. 17
      apps/chartmuseum/templates/deployment.yaml

2
apps/chartmuseum/Chart.yaml

@ -2,7 +2,7 @@ apiVersion: v2
name: ungleich-chartmuseum
description: Chartmuseum for the ungleich infrastructure
version: 0.1.1
version: 0.2.1
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to

15
apps/chartmuseum/README.md

@ -1,15 +1,16 @@
## Missing
* SSL/TLS
* Letsencrypt on port 80
* Chartmuseum on 443
* Reload?
* Authentication
* Secret -> generate
* Secret -> sops
* SSL/TLS automatic reload
* Cronjob?
* Trigger from ungleich-certbot?
* Authentication via sops Secret
## Done
* Basic chartmuseum
* helm push works
* SSL/TLS
* Letsencrypt on port 80
* Chartmuseum on 443
* Authentication via generated secret

17
apps/chartmuseum/templates/deployment.yaml

@ -59,6 +59,16 @@ spec:
value: "local"
- name: STORAGE_LOCAL_ROOTDIR
value: "/charts"
- name: BASIC_AUTH_USER
valueFrom:
secretKeyRef:
name: {{ tpl .Values.identifier . }}
key: username
- name: BASIC_AUTH_PASS
valueFrom:
secretKeyRef:
name: {{ tpl .Values.identifier . }}
key: password
volumeMounts:
- name: etcletsencrypt
mountPath: "/etc/letsencrypt"
@ -173,3 +183,10 @@ spec:
persistentVolumeClaim:
claimName: {{ tpl .Values.identifier . }}-letsencrypt-certs
backoffLimit: 3
---
apiVersion: v1
kind: Secret
metadata:
name: {{ tpl .Values.identifier . }}
annotations:
secret-generator.v1.mittwald.de/type: basic-auth

Loading…
Cancel
Save