feat(helm): create restart token as Kubernetes Secret#55
Merged
Conversation
- Add restart-secret.yaml template that creates a Secret from restart.token
- Wire ARCHSIGHT_RESTART_ENABLED and ARCHSIGHT_RESTART_TOKEN env vars
into the deployment from the Secret
- Add restart.{enabled,token,existingSecret,secretKey} to values.yaml
- Update CLI to fall back to env vars when CLI flags are not provided
- Update kubernetes.md docs to reflect the new values-based approach
This removes the need to pass --restart-token as a CLI arg in the
Dockerfile/deployment args, keeping the secret out of pod specs and
Helm values history when using existingSecret.
Signed-off-by: Seena Fallah <seena.fallah@ionos.com>
clwluvw
force-pushed
the
restart-token-k8s
branch
from
6f5695b to
bbd5a7c
Compare
Contributor
There was a problem hiding this comment.
Pull request overview
Adds a Helm-managed “restart token” Secret and wires restart configuration through env vars, so the restart token no longer needs to be passed as CLI args in Kubernetes manifests.
Changes:
- Add Helm template to create a Kubernetes Secret from
restart.tokenand inject restart env vars into the Deployment. - Introduce
restart.{enabled,token,existingSecret,secretKey}values and update Kubernetes docs to describe the new configuration. - Update CLI to fall back to
ARCHSIGHT_RESTART_{ENABLED,TOKEN}env vars when flags aren’t provided; bump chart/app versions.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
lib/archsight/cli.rb |
Adds env-var fallback for restart enablement/token. |
docs/kubernetes.md |
Updates deployment guidance to use Helm restart: values. |
chart/archsight/values.yaml |
Adds restart configuration values. |
chart/archsight/templates/restart-secret.yaml |
New Secret template for the restart token. |
chart/archsight/templates/deployment.yaml |
Injects restart env vars and Secret ref into the pod. |
chart/archsight/Chart.yaml |
Bumps chart version and appVersion. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
This removes the need to pass --restart-token as a CLI arg in the Dockerfile/deployment args, keeping the secret out of pod specs and Helm values history when using existingSecret.
Type of Change
Checklist
bundle exec rake)