Add custom labels and annotations to created app and backup secrets

bitpoke · Oct 28, 2021 · 0e3e443 · 0e3e443
1 parent 2bc3093
commit 0e3e443
Show file tree

Hide file tree

Showing 4 changed files with 20 additions and 0 deletions.
diff --git a/Changelog.md b/Changelog.md
@@ -9,6 +9,8 @@ adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 ### Added
  * Add `orchestrator.persistence.fsGroupWorkaroundEnabled` for persistent volume
    provisioners wich don't support fsGroup in security context (fixes #615)
+ * Add `appSecretLabels`, `appSecretAnnotations`, `backupSecretLabels`, `backupSecretAnnotations` to provide 
+   custom labels and annotations to created app and backup secrets
 ### Changed
  * Allow setting pod security context when deploying with Helm
  * Use [distroless](https://github.com/GoogleContainerTools/distroless) as base image for orchestrator container

diff --git a/deploy/charts/mysql-cluster/templates/backup-secret.yaml b/deploy/charts/mysql-cluster/templates/backup-secret.yaml
@@ -8,6 +8,13 @@ metadata:
     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
     release: {{ .Release.Name }}
     heritage: {{ .Release.Service }}
+    {{- if .Values.backupSecretLabels }}
+    {{- toYaml .Values.backupSecretLabels | nindent 4 }}
+    {{- end }}
+  {{- if .Values.backupSecretAnnotations }}
+  annotations:
+    {{ toYaml .Values.backupSecretAnnotations }}
+  {{- end }}
 type: Opaque
 data:
     {{- range $key, $value := .Values.backupCredentials }}

diff --git a/deploy/charts/mysql-cluster/templates/secret.yaml b/deploy/charts/mysql-cluster/templates/secret.yaml
@@ -8,6 +8,13 @@ metadata:
     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
     release: {{ .Release.Name }}
     heritage: {{ .Release.Service }}
+    {{- if .Values.appSecretLabels }}
+    {{- toYaml .Values.appSecretLabels | nindent 4 }}
+    {{- end }}
+  {{- if .Values.appSecretAnnotations }}
+  annotations:
+    {{ toYaml .Values.appSecretAnnotations }}
+  {{- end }}
 type: Opaque
 data:
   ROOT_PASSWORD: {{ required ".rootPassword is missing" .Values.rootPassword | b64enc | quote }}

diff --git a/deploy/charts/mysql-cluster/values.yaml b/deploy/charts/mysql-cluster/values.yaml
@@ -15,6 +15,8 @@ rootPassword: ""
 appUser: ""
 appPassword: ""
 appDatabase: ""
+# appSecretLabels: {}
+# appSecretAnnotations: {}
 
 podSpec:
 mysqlConf:
@@ -30,6 +32,8 @@ backupScheduleJobsHistoryLimit:
 backupURL:
 backupSecretName:
 backupRemoteDeletePolicy:
+# backupSecretLabels: {}
+# backupSecretAnnotations: {}
 backupCredentials:
   # AWS_ACCESS_KEY_ID: ?
   # AWS_SECRET_ACCESS_KEY: ?