diff --git a/charts/logto/templates/secret-extractor-job.yaml b/charts/logto/templates/secret-extractor-job.yaml index ab550be..05cb4a2 100644 --- a/charts/logto/templates/secret-extractor-job.yaml +++ b/charts/logto/templates/secret-extractor-job.yaml @@ -19,6 +19,16 @@ spec: - name: shared-data emptyDir: {} containers: + - name: kubectl + image: "{{ .Values.secretExtractor.image.repository }}:{{ .Values.secretExtractor.image.tag }}" + volumeMounts: + - name: shared-data + mountPath: /shared + args: + - apply + - -f + - /shared/secret.yaml + initContainers: - name: secret-extractor image: "{{ .Values.postgresql.image.repository }}:{{ .Values.postgresql.image.tag }}" env: @@ -76,31 +86,5 @@ spec: m-default-secret: $M_DEFAULT_SECRET m-admin-secret: $M_ADMIN_SECRET EOF - - # Signal that the secret file is ready - touch /shared/secret-ready - - # Wait for the secret to be applied - while [ -f /shared/secret-ready ]; do - sleep 1 - done - - name: kubectl - image: "bitnami/kubectl:1.25" - volumeMounts: - - name: shared-data - mountPath: /shared - command: - - /bin/sh - - -c - - | - # Wait for the secret file to be ready - while [ ! -f /shared/secret-ready ]; do - sleep 1 - done - - # Apply the secret - kubectl apply -f /shared/secret.yaml - - # Signal completion - rm -f /shared/secret-ready + echo "Secret is ready to be applied with kubectl" {{- end }} diff --git a/charts/logto/values.yaml b/charts/logto/values.yaml index 140973b..d1ebd31 100644 --- a/charts/logto/values.yaml +++ b/charts/logto/values.yaml @@ -125,8 +125,8 @@ postgresql: secretExtractor: enabled: true image: - repository: bitnami/kubectl - tag: latest + repository: registry.k8s.io/kubectl + tag: v1.32.0 serviceAccount: create: true annotations: {}