Add push secret for crunchy db and ref it in config.
This commit is contained in:
parent
a440908ffe
commit
1804819284
3 changed files with 40 additions and 4 deletions
|
@ -18,10 +18,10 @@ spec:
|
|||
GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: "{{ .authentik_grafana_oauth_client_secret }}"
|
||||
GF_DATE_FORMATS_USE_BROWSER_LOCALE: "true"
|
||||
GF_SERVER_ROOT_URL: https://grafana.hsn.dev
|
||||
GF_DATABASE_NAME: ${DB_NAME}
|
||||
GF_DATABASE_HOST: "grafana-primary.observability.svc:5432"
|
||||
GF_DATABASE_USER: "{{ .grafana_postgres_user }}"
|
||||
GF_DATABASE_PASSWORD: "{{ .grafana_postgres_password }}"
|
||||
GF_DATABASE_NAME: "{{ .grafana_GF_DATABASE_NAME }}"
|
||||
GF_DATABASE_HOST: "{{ .grafana_GF_DATABASE_HOST }}"
|
||||
GF_DATABASE_USER: "{{ .grafana_GF_DATABASE_USER }}"
|
||||
GF_DATABASE_PASSWORD: "{{ .grafana_GF_DATABASE_PASSWORD }}"
|
||||
GF_DATABASE_SSL_MODE: "require"
|
||||
GF_DATABASE_TYPE: postgres
|
||||
GF_ANALYTICS_CHECK_FOR_UPDATES: "false"
|
||||
|
|
|
@ -5,4 +5,5 @@ kind: Kustomization
|
|||
resources:
|
||||
- ./externalsecret.yaml
|
||||
- ./helmrelease.yaml
|
||||
- ./pushsecret.yaml
|
||||
- ../../../../templates/postgres-database
|
35
kubernetes/apps/observability/grafana/app/pushsecret.yaml
Normal file
35
kubernetes/apps/observability/grafana/app/pushsecret.yaml
Normal file
|
@ -0,0 +1,35 @@
|
|||
---
|
||||
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/pushsecret_v1alpha1.json
|
||||
apiVersion: external-secrets.io/v1alpha1
|
||||
kind: PushSecret
|
||||
metadata:
|
||||
name: grafana
|
||||
spec:
|
||||
refreshInterval: 1h
|
||||
secretStoreRefs:
|
||||
- name: onepassword-connect
|
||||
kind: ClusterSecretStore
|
||||
selector:
|
||||
secret:
|
||||
name: grafana-pguser-grafana
|
||||
data:
|
||||
- match:
|
||||
secretKey: dbname
|
||||
remoteRef:
|
||||
remoteKey: grafana
|
||||
property: GF_DATABASE_NAME
|
||||
- match:
|
||||
secretKey: host
|
||||
remoteRef:
|
||||
remoteKey: grafana
|
||||
property: GF_DATABASE_HOST
|
||||
- match:
|
||||
secretKey: user
|
||||
remoteRef:
|
||||
remoteKey: grafana
|
||||
property: GF_DATABASE_USER
|
||||
- match:
|
||||
secretKey: password
|
||||
remoteRef:
|
||||
remoteKey: grafana
|
||||
property: GF_DATABASE_PASSWORD
|
Loading…
Reference in a new issue