Skip to content

Commit

Permalink
Add flag to control config storage as secret
Browse files Browse the repository at this point in the history
  • Loading branch information
philipp94831 committed Dec 19, 2024
1 parent 9b105bd commit 2781e02
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 1 deletion.
12 changes: 11 additions & 1 deletion charts/rclone-copy/templates/rclone-cron.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,9 @@ spec:
- -c
# copy as workaround for rclone.conf read only (see https://github.com/rclone/rclone/issues/3655)
- >-
{{- range $key, $value := .Values.passwordSecrets }}
{{ printf "%s=$(rclone obscure UNOBSCURED_%s) &&" $key $key }}
{{- end }}
cp /root/.config/rclone/rclone_ro.conf /root/.config/rclone/rclone.conf &&
rclone {{ .Values.command }} -v {{ .Values.arguments | join " " }} --include-from /root/include-pattern.conf "{{ include "rclone-copy.getSourceOrUrl" . }}" "{{ .Values.sync.dest.name }}:{{ .Values.sync.dest.path }}"
Expand All @@ -80,7 +83,7 @@ spec:
resources:
{{ toYaml .Values.resources | indent 14 }}

{{- if or .Values.configPassword .Values.secretRefs }}
{{- if or .Values.configPassword .Values.secretRefs .Values.passwordSecrets }}
env:
{{- if .Values.configPassword }}
- name: RCLONE_CONFIG_PASS
Expand All @@ -96,6 +99,13 @@ spec:
name: {{ $value.name }}
key: "{{ $value.key }}"
{{- end }}
{{- range $key, $value := .Values.passwordSecrets }}
- name: {{ printf "UNOBSCURED_%s" $key | quote }}
valueFrom:
secretKeyRef:
name: {{ $value.name }}
key: "{{ $value.key }}"
{{- end }}
{{- end }}

restartPolicy: {{ .Values.restartPolicy }}
Expand Down
5 changes: 5 additions & 0 deletions charts/rclone-copy/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -92,3 +92,8 @@ secretRefs: {}
# key: secretKey

secretConfig: true

passwordSecrets: {}
# RCLONE_FTP_PASS: # will be obscured using rclone obscure
# name: secretName
# key: secretKey

0 comments on commit 2781e02

Please sign in to comment.