diff --git a/charts/vaultwarden/Chart.yaml b/charts/vaultwarden/Chart.yaml
index f0259b3..dac661c 100644
--- a/charts/vaultwarden/Chart.yaml
+++ b/charts/vaultwarden/Chart.yaml
@@ -13,5 +13,5 @@ maintainers:
 - name: guerzon
 email: guerzon@proton.me
 url: https://github.com/guerzon
-version: 0.22.7
+version: 0.23.0
 kubeVersion: ">=1.12.0-0"
diff --git a/charts/vaultwarden/README.md b/charts/vaultwarden/README.md
index cdd369f..68749eb 100644
--- a/charts/vaultwarden/README.md
+++ b/charts/vaultwarden/README.md
@@ -263,6 +263,8 @@ helm -n $NAMESPACE uninstall $RELEASE_NAME
 | `image.tag` | Vaultwarden image tag | `1.30.3-alpine` |
 | `image.pullPolicy` | Vaultwarden image pull policy | `IfNotPresent` |
 | `image.pullSecrets` | Specify docker-registry secret names | `[]` |
+| `image.extraSecrets` | Vaultwarden image extra secrets | `[]` |
+| `image.extraVars` | Vaultwarden image extra vars | `[]` |
 | `fullnameOverride` | String to override the application name. | `""` |
 | `resourceType` | Can be either Deployment or StatefulSet | `""` |
 | `commonAnnotations` | Annotations for the deployment or statefulset | `{}` |
@@ -279,6 +281,7 @@ helm -n $NAMESPACE uninstall $RELEASE_NAME
 | `serviceAccount.name` | Name of the service account to create | `vaultwarden-svc` |
 | `podSecurityContext` | Pod security options | `{}` |
 | `securityContext` | Default security options to run vault as read only container without privilege escalation | `{}` |
+| `dnsConfig` | Pod DNS options | `{}` |
 ### Reliability configuration
diff --git a/charts/vaultwarden/templates/_podSpec.tpl b/charts/vaultwarden/templates/_podSpec.tpl
index f65a20a..cd40ee4 100644
--- a/charts/vaultwarden/templates/_podSpec.tpl
+++ b/charts/vaultwarden/templates/_podSpec.tpl
@@ -31,6 +31,19 @@ containers:
 - configMapRef:
 name: {{ include "vaultwarden.fullname" . }}
 env:
+ {{- range .Values.image.extraVars }}
+ - name: {{ .key }}
+ value: {{ .value | quote }}
+ {{- end }}
+ {{- if (.Values.image.extraSecrets) }}
+ {{- range .Values.image.extraSecrets }}
+ - name: {{ .key }}
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "vaultwarden.fullname" . }}
+ key: {{ .key }}
+ {{- end }}
+ {{- end }}
 {{- if or (.Values.smtp.username.value) (.Values.smtp.username.existingSecretKey )}}
 - name: SMTP_USERNAME
 valueFrom:
diff --git a/charts/vaultwarden/templates/secrets.yaml b/charts/vaultwarden/templates/secrets.yaml
index 4910e2b..1d26846 100644
--- a/charts/vaultwarden/templates/secrets.yaml
+++ b/charts/vaultwarden/templates/secrets.yaml
@@ -9,6 +9,9 @@ metadata:
 {{- include "vaultwarden.labels" $ | nindent 4 }}
 type: Opaque
 data:
+ {{- range .Values.image.extraSecrets }}
+ {{ .key }}: {{ .value | b64enc | quote }}
+ {{- end }}
 {{- if not ( .Values.smtp.existingSecret ) }}
 SMTP_PASSWORD: {{ .Values.smtp.password.value | b64enc | quote }}
 SMTP_USERNAME: {{ .Values.smtp.username.value | b64enc | quote }}
diff --git a/charts/vaultwarden/values.yaml b/charts/vaultwarden/values.yaml
index 466dac4..9cc5853 100644
--- a/charts/vaultwarden/values.yaml
+++ b/charts/vaultwarden/values.yaml
@@ -25,6 +25,20 @@ image:
 ## - myRegistryKeySecretName
 ##
 pullSecrets: []
+ ## @param image.extraSecrets Vaultwarden image extra secrets
+ ## Example:
+ ## extraSecrets:
+ ## - key: SSO_CLIENT_SECRET
+ ## value: secretStuff
+ ##
+ extraSecrets: []
+ ## @param image.extraVars Vaultwarden image extra vars
+ ## Example:
+ ## extraVars:
+ ## - key: SSO_AUTHORITY
+ ## value: https://bananaguy.com/auth
+ ##
+ extraVars: []
 ## @param fullnameOverride String to override the application name.
 ##
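Review bot: In `_podSpec.tpl`, the added `secretKeyRef` calls `{{ include "vaultwarden.fullname" . }}` inside `range .Values.image.extraSecrets`, where `.` is the current list item rather than the chart root. The `vaultwarden.fullname` helper is not shown in this diff, but if it reads `.Values`, `.Release` or `.Chart`, the render will fail or yield a Secret name that does not match the one `secrets.yaml` creates; pass the root instead, `name: {{ include "vaultwarden.fullname" $ }}`, as `secrets.yaml` already does for its labels include. Quoting the variable names in both loops (`- name: {{ .key | quote }}`) would also keep a key that looks like a boolean or number from being emitted as a non-string. The `env:` list continues outside the hunk.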
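Review bot: In `secrets.yaml`, `{{ .key }}: {{ .value | b64enc | quote }}` accepts only plaintext from values, so every extra secret has to live in the values file and in the release data Helm stores; unlike the `smtp.existingSecret` path visible just below, there is no way to reference a pre-created Secret. Consider letting each entry name an existing Secret and key, and pointing the pod's `secretKeyRef` at that instead of the chart-managed Secret. Two smaller points on the same line: `b64enc` expects a string, so an unquoted numeric or boolean value is likely to fail the render unless it is converted first (`{{ .value | toString | b64enc | quote }}`), and an entry keyed `SMTP_PASSWORD` or `SMTP_USERNAME` would duplicate a key the chart writes itself. The `data:` map continues outside the hunk.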