Commit cb5fa664 authored by Adam Lewenberg's avatar Adam Lewenberg
Browse files

more work on extra secrets

parent 391031c0
......@@ -162,7 +162,28 @@ Service provider public/private key pair.
* `<APP_NAMESPACE>-saml-crt`: the public key portion of the SAML
Service provider public/private key pair.
#### Extra secrets
If you have more secrets than the the SAML secrets described above,
defined them using the `extra_secrets` value. The secret name must be
stored with a prefix `<APP_NAMESPACE>`. Each secret must also be
defined with a `mountPath` and a `subPath`.
Example:
```
# values.yaml
APP_NAMESPACE: myapp-1
...
extra_secrets:
- name: secret1
mountPath: /etc/extra/my-secret1.key
subPath: my-secret1.key
```
In this example the secret _must_ be stored as a Kubernetes Secret with
name `myapp-1-secret1` and will be found in the Pod at
`/etc/extra/secret1.key`. Note that the basename of `mountPath` _must_
match `subPath`.
## SAML
......
......@@ -45,6 +45,22 @@ service:
ingress:
enabled: true
# If you have extra secrets define them here. In this example,
# the two secrets MUST be stored with the names
# "<APP_NAMESPACE>-secret1" and "<APP_NAMESPACE>-secret2"
#
# Example:
#
# extra_secrets:
# - name: secret1
# mountPath: /etc/extra/secret1.key
# subPath: secret1.key
# - name: secret2
# mountPath: /etc/extra/secret2.key
# subPath: secret2.key
extra_secrets:
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment