feat: template uri secret

openfga · Sep 17, 2024 · 18428a3 · 18428a3
1 parent 88eaf10
commit 18428a3
Show file tree

Hide file tree

Showing 5 changed files with 28 additions and 21 deletions.
diff --git a/charts/openfga/templates/_helpers.tpl b/charts/openfga/templates/_helpers.tpl
@@ -77,3 +77,19 @@ Return true if a secret object should be created
     {{- true -}}
 {{- end -}}
 {{- end -}}
+
+{{/*
+Generate an environment variable for the datastore URI
+*/}}
+{{- define "openfga.datastoreURIEnvVar" -}}
+{{- if .Values.datastore.uri -}}
+- name: OPENFGA_DATASTORE_URI
+  value: "{{ .Values.datastore.uri }}"
+{{- else if .Values.datastore.uriSecret -}}
+- name: OPENFGA_DATASTORE_URI
+  valueFrom:
+    secretKeyRef:
+      name: "{{ tpl .Values.datastore.uriSecret . }}"
+      key: "{{ tpl (.Values.datastore.uriSecretKey | default "uri") . }}"
+{{- end -}}
+{{- end -}}
diff --git a/charts/openfga/templates/deployment.yaml b/charts/openfga/templates/deployment.yaml
@@ -85,16 +85,7 @@ spec:
               value: "{{ .Values.datastore.engine }}"
             {{- end }}
 
-            {{- if .Values.datastore.uri }}
-            - name: OPENFGA_DATASTORE_URI
-              value: "{{ .Values.datastore.uri }}"
-            {{- else if .Values.datastore.uriSecret }}
-            - name: OPENFGA_DATASTORE_URI
-              valueFrom:
-                secretKeyRef:
-                  name: "{{ .Values.datastore.uriSecret }}"
-                  key: "uri"
-            {{- end }}
+            {{- include "openfga.datastoreURIEnvVar" . | nindent 12 }}
 
             {{- if .Values.datastore.maxCacheSize }}
             - name: OPENFGA_DATASTORE_MAX_CACHE_SIZE

diff --git a/charts/openfga/templates/job.yaml b/charts/openfga/templates/job.yaml
@@ -41,16 +41,7 @@ spec:
               value: "{{ .Values.datastore.engine }}"
             {{- end }}
 
-            {{- if .Values.datastore.uri }}
-            - name: OPENFGA_DATASTORE_URI
-              value: "{{ .Values.datastore.uri }}"
-            {{- else if .Values.datastore.uriSecret }}
-            - name: OPENFGA_DATASTORE_URI
-              valueFrom:
-                secretKeyRef:
-                  name: "{{ .Values.datastore.uriSecret }}"
-                  key: "uri"
-            {{- end }}
+            {{- include "openfga.datastoreURIEnvVar" . | nindent 12 }}
 
             {{- if .Values.migrate.timeout }}
             - name: OPENFGA_TIMEOUT

diff --git a/charts/openfga/values.schema.json b/charts/openfga/values.schema.json
@@ -278,7 +278,15 @@
                         "string",
                         "null"
                     ],
-                    "description": "the secret name where to get the datastore URI, it expects a key named uri to exist in the secret"
+                    "description": "the secret name where to get the datastore URI, it expects the key in `uriSecretKey` to exist in the secret"
+                },
+                "uriSecretKey": {
+                    "type": [
+                        "string",
+                        "null"
+                    ],
+                    "default": "uri",
+                    "description": "the key in the secret where to get the datastore URI, defaults to uri"
                 },
                 "maxCacheSize": {
                     "type": [

diff --git a/charts/openfga/values.yaml b/charts/openfga/values.yaml
@@ -190,6 +190,7 @@ datastore:
   engine: memory
   uri:
   uriSecret:
+  uriSecretKey:
   maxCacheSize:
   maxOpenConns:
   maxIdleConns: