diff --git a/charts/rstudio-connect/README.md b/charts/rstudio-connect/README.md index d81b21c4..b0a76a5e 100644 --- a/charts/rstudio-connect/README.md +++ b/charts/rstudio-connect/README.md @@ -117,6 +117,7 @@ The Helm `config` values are converted into the `rstudio-connect.gcfg` service c | replicas | int | `1` | The number of replica pods to maintain for this service | | resources.limits | object | `{"cpu":"2000m","enabled":false,"ephemeralStorage":"200Mi","memory":"2Gi"}` | Defines resource limits for the rstudio-connect pod | | resources.requests | object | `{"cpu":"100m","enabled":false,"ephemeralStorage":"100Mi","memory":"1Gi"}` | Defines resource requests for the rstudio-connect pod | +| secretConfig | object | [RStudio Connect Configuration Reference](https://docs.rstudio.com/connect/admin/appendix/configuration/) | A nested map of maps that generates the rstudio-connect-secret.gcfg file | | securityContext | object | `{"privileged":true}` | Values to set the `securityContext` for Connect pods. It must include "privileged: true" or "CAP_SYS_ADMIN" when launcher is not enabled. If launcher is enabled, this can be removed with `securityContext: null` | | service.annotations | object | `{}` | Annotations that will be added onto the service | | service.nodePort | bool | `false` | The nodePort to use when using service type NodePort. If not provided, Kubernetes will provide one automatically | diff --git a/charts/rstudio-connect/templates/deployment.yaml b/charts/rstudio-connect/templates/deployment.yaml index 0301ea2b..75e45f40 100644 --- a/charts/rstudio-connect/templates/deployment.yaml +++ b/charts/rstudio-connect/templates/deployment.yaml @@ -91,6 +91,9 @@ spec: - name: rstudio-connect-config mountPath: "/etc/rstudio-connect/rstudio-connect.gcfg" subPath: "rstudio-connect.gcfg" + - name: rstudio-connect-secret-config + mountPath: "/etc/rstudio-connect/rstudio-connect-secret.gcfg" + subPath: "rstudio-connect-secret.gcfg" {{- if .Values.launcher.enabled }} - name: rstudio-connect-config mountPath: "/etc/rstudio-connect/runtime.yaml" @@ -164,6 +167,11 @@ spec: - name: rstudio-connect-config configMap: name: {{ include "rstudio-connect.fullname" . }}-config + {{- if .Values.secretConfig }} + - name: rstudio-connect-secret-config + secret: + secretName: {{ include "rstudio-connect.fullname" . }}-secret-config + {{- end }} {{- if or .Values.sharedStorage.create .Values.sharedStorage.mount }} - name: rstudio-connect-data persistentVolumeClaim: diff --git a/charts/rstudio-connect/templates/secret.yaml b/charts/rstudio-connect/templates/secret.yaml new file mode 100644 index 00000000..6eb4fcc1 --- /dev/null +++ b/charts/rstudio-connect/templates/secret.yaml @@ -0,0 +1,11 @@ +{{- if .Values.secretConfig }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "rstudio-connect.fullname" . }}-secret-config + namespace: {{ $.Release.Namespace }} +type: Opaque +stringData: + secret.gcfg: | + {{- include "rstudio-library.config.gcfg" . | nindent 4 }} +{{- end }} diff --git a/charts/rstudio-connect/values.yaml b/charts/rstudio-connect/values.yaml index 473650c4..3cd8779c 100644 --- a/charts/rstudio-connect/values.yaml +++ b/charts/rstudio-connect/values.yaml @@ -232,3 +232,7 @@ config: GraphiteHost: 127.0.0.1 GraphitePort: 9109 GraphiteClientId: rsconnect + +# -- A nested map of maps that generates the rstudio-connect-secret.gcfg file +# @default -- [RStudio Connect Configuration Reference](https://docs.rstudio.com/connect/admin/appendix/configuration/) +secretConfig: {}