adebaumann/shorefront
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: add JWT_SECRET_KEY to migrate init container; run postgres as uid 70 to avoid NFS chown failure

Browse Source
This commit is contained in:
Adrian A. Baumann
2026-02-28 23:53:03 +01:00
parent ee50261216
commit 271fec8da5
2 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
helm/shorefront/templates/backend-deployment.yaml
View File

@@ -26,6 +26,11 @@ spec:
secretKeyRef: secretKeyRef:
name: shorefront-secret name: shorefront-secret
key: POSTGRES_PASSWORD key: POSTGRES_PASSWORD
- name: JWT_SECRET_KEY
valueFrom:
secretKeyRef:
name: shorefront-secret
key: JWT_SECRET_KEY
- name: DATABASE_URL - name: DATABASE_URL
value: "postgresql://{{ .Values.postgres.user }}:$(POSTGRES_PASSWORD)@postgres:5432/{{ .Values.postgres.database }}" value: "postgresql://{{ .Values.postgres.user }}:$(POSTGRES_PASSWORD)@postgres:5432/{{ .Values.postgres.database }}"
containers: containers:

6
helm/shorefront/templates/postgres-deployment.yaml
View File

@@ -16,6 +16,10 @@ spec:
labels: labels:
app: postgres app: postgres
spec: spec:
securityContext:
runAsUser: 70
runAsGroup: 70
fsGroup: 70
containers: containers:
- name: postgres - name: postgres
image: "{{ .Values.postgres.image }}:{{ .Values.postgres.tag }}" image: "{{ .Values.postgres.image }}:{{ .Values.postgres.tag }}"
@@ -35,6 +39,8 @@ spec:
secretKeyRef: secretKeyRef:
name: shorefront-secret name: shorefront-secret
key: POSTGRES_PASSWORD key: POSTGRES_PASSWORD
- name: PGDATA
value: /var/lib/postgresql/data/pgdata
ports: ports:
- containerPort: 5432 - containerPort: 5432
volumeMounts: volumeMounts: