diff --git a/infrastructure/helm/templates/api-deployment.yaml b/infrastructure/helm/templates/api-deployment.yaml index ebd7256..06f8a9a 100644 --- a/infrastructure/helm/templates/api-deployment.yaml +++ b/infrastructure/helm/templates/api-deployment.yaml @@ -56,6 +56,11 @@ spec: configMapKeyRef: name: {{ include "tod.fullname" . }} key: SYNC_DATABASE_URL + - name: CREDENTIAL_ENCRYPTION_KEY + valueFrom: + secretKeyRef: + name: {{ include "tod.fullname" . }}-secrets + key: CREDENTIAL_ENCRYPTION_KEY securityContext: runAsUser: 1001 runAsNonRoot: true diff --git a/infrastructure/helm/templates/postgres-statefulset.yaml b/infrastructure/helm/templates/postgres-statefulset.yaml index fd8724c..e09646b 100644 --- a/infrastructure/helm/templates/postgres-statefulset.yaml +++ b/infrastructure/helm/templates/postgres-statefulset.yaml @@ -72,14 +72,14 @@ spec: - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: - name: {{ include "tod.fullname" . }} + name: {{ include "tod.fullname" . }}-secrets key: DB_PASSWORD - name: APP_USER value: {{ .Values.postgres.auth.appUsername | quote }} - name: APP_USER_PASSWORD valueFrom: secretKeyRef: - name: {{ include "tod.fullname" . }} + name: {{ include "tod.fullname" . }}-secrets key: DB_APP_PASSWORD volumeMounts: - name: postgres-data diff --git a/infrastructure/helm/templates/secrets.yaml b/infrastructure/helm/templates/secrets.yaml index 2f71cf4..65e4d7c 100644 --- a/infrastructure/helm/templates/secrets.yaml +++ b/infrastructure/helm/templates/secrets.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ include "tod.fullname" . }} + name: {{ include "tod.fullname" . }}-secrets labels: {{- include "tod.labels" . | nindent 4 }} type: Opaque