StackStorm
diff --git a/‎CHANGELOG.md
Lines changed: 1 addition & 0 deletions b/‎CHANGELOG.md
Lines changed: 1 addition & 0 deletions
diff --git a/‎templates/_helpers.tpl
Lines changed: 20 additions & 0 deletions b/‎templates/_helpers.tpl
Lines changed: 20 additions & 0 deletions
diff --git a/‎templates/configmaps_st2-conf.yaml
Lines changed: 0 additions & 1 deletion b/‎templates/configmaps_st2-conf.yaml
Lines changed: 0 additions & 1 deletion
diff --git a/‎templates/deployments.yaml
Lines changed: 31 additions & 5 deletions b/‎templates/deployments.yaml
Lines changed: 31 additions & 5 deletions
diff --git a/‎templates/jobs.yaml
Lines changed: 2 additions & 6 deletions b/‎templates/jobs.yaml
Lines changed: 2 additions & 6 deletions
@@ -9,6 +9,7 @@
 * Fix bug that hung an init container when `st2.packs.volumes.enabled` without `st2.packs.volumes.configs`. (#324) (by @rebrowning)
 * Add ability to create custom labels for service account.(#327)(by @SuganJoe)
 * Fix bug that would not set the appropriate redis connection string when using `redis.password` and `redis.usePassword` (#325) (by @rebrowning)
+* New Feature: Add `existingConfigSecret`.  If this is defined, the `st2.secrets.conf` key within this secret will be written as /etc/st2/st2.secrets.conf and added to the end of the command line arguments of all pods. (#289) (by @eric-al/@ericreeves)
 
 ## v0.100.0
 * Switch st2 to `v3.7` as a new default stable version (#274)
 
@@ -131,11 +131,31 @@ Reduce duplication of the st2.*.conf volume details
 - name: st2-config-vol
   mountPath: /etc/st2/st2.user.conf
   subPath: st2.user.conf
+{{- if $.Values.st2.existingConfigSecret }}
+- name: st2-config-secrets-vol
+  mountPath: /etc/st2/st2.secrets.conf
+  subPath: st2.secrets.conf
+{{- end }}
 {{- end -}}
 {{- define "stackstorm-ha.st2-config-volume" -}}
 - name: st2-config-vol
   configMap:
     name: {{ $.Release.Name }}-st2-config
+{{- if $.Values.st2.existingConfigSecret }}
+- name: st2-config-secrets-vol
+  secret:
+    secretName: {{ $.Values.st2.existingConfigSecret }}
+{{- end }}
+{{- end -}}
+
+# Override CMD CLI parameters passed to the startup of all pods to add support for /etc/st2/st2.secrets.conf
+{{- define "stackstorm-ha.st2-config-file-parameters" -}}
+- --config-file=/etc/st2/st2.conf
+- --config-file=/etc/st2/st2.docker.conf
+- --config-file=/etc/st2/st2.user.conf
+{{- if $.Values.st2.existingConfigSecret }}
+- --config-file=/etc/st2/st2.secrets.conf
+{{- end }}
 {{- end -}}
 
 {{- define "stackstorm-ha.init-containers-wait-for-db" -}}
 
@@ -7,7 +7,6 @@ metadata:
     description: Custom StackStorm config which will apply settings on top of default st2.conf
   labels: {{- include "stackstorm-ha.labels" (list $ "st2") | nindent 4 }}
 data:
-  # TODO: Bundle DB/MQ login secrets in dynamic ENV-based st2.secrets.conf, leave custom user-defined settings for st2.user.conf (?)
   # Docker/K8s-based st2 config file used for templating service names and common overrides on top of original st2.conf.
   # The order of merging: st2.conf < st2.docker.conf < st2.user.conf
   st2.docker.conf: |
 
@@ -72,6 +72,9 @@ spec:
         # TODO: Add liveness/readiness probes (#3)
         #livenessProbe:
         #readinessProbe:
+        command:
+          - /opt/stackstorm/st2/bin/st2auth
+          {{- include "stackstorm-ha.st2-config-file-parameters" $ | nindent 10 }}
         {{- if .Values.st2auth.env }}
         env: {{- include "stackstorm-ha.customEnv" .Values.st2auth | nindent 8 }}
         {{- end }}
@@ -188,6 +191,9 @@ spec:
         # TODO: Add liveness/readiness probes (#3)
         #livenessProbe:
         #readinessProbe:
+        command:
+          - /opt/stackstorm/st2/bin/st2api
+          {{- include "stackstorm-ha.st2-config-file-parameters" $ | nindent 10 }}
         {{- if .Values.st2api.env }}
         env: {{- include "stackstorm-ha.customEnv" .Values.st2api | nindent 8 }}
         {{- end }}
@@ -311,6 +317,9 @@ spec:
         # TODO: Add liveness/readiness probes (#3)
         #livenessProbe:
         #readinessProbe:
+        command:
+          - /opt/stackstorm/st2/bin/st2stream
+          {{- include "stackstorm-ha.st2-config-file-parameters" $ | nindent 10 }}
         {{- if .Values.st2stream.env }}
         env: {{- include "stackstorm-ha.customEnv" .Values.st2stream | nindent 8 }}
         {{- end }}
@@ -540,6 +549,9 @@ spec:
         # TODO: Add liveness/readiness probes (#3)
         #livenessProbe:
         #readinessProbe:
+        command:
+          - /opt/stackstorm/st2/bin/st2rulesengine
+          {{- include "stackstorm-ha.st2-config-file-parameters" $ | nindent 10 }}
         {{- if .Values.st2rulesengine.env }}
         env: {{- include "stackstorm-ha.customEnv" .Values.st2rulesengine | nindent 8 }}
         {{- end }}
@@ -654,6 +666,9 @@ spec:
         # TODO: Add liveness/readiness probes (#3)
         #livenessProbe:
         #readinessProbe:
+        command:
+          - /opt/stackstorm/st2/bin/st2timersengine
+          {{- include "stackstorm-ha.st2-config-file-parameters" $ | nindent 10 }}
         {{- if .Values.st2timersengine.env }}
         env: {{- include "stackstorm-ha.customEnv" .Values.st2timersengine | nindent 8 }}
         {{- end }}
@@ -755,6 +770,9 @@ spec:
         # TODO: Add liveness/readiness probes (#3)
         #livenessProbe:
         #readinessProbe:
+        command:
+          - /opt/stackstorm/st2/bin/st2workflowengine
+          {{- include "stackstorm-ha.st2-config-file-parameters" $ | nindent 10 }}
         {{- if .Values.st2workflowengine.env }}
         env: {{- include "stackstorm-ha.customEnv" .Values.st2workflowengine | nindent 8 }}
         {{- end }}
@@ -868,6 +886,9 @@ spec:
         # TODO: Add liveness/readiness probes (#3)
         #livenessProbe:
         #readinessProbe:
+        command:
+          - /opt/stackstorm/st2/bin/st2scheduler
+          {{- include "stackstorm-ha.st2-config-file-parameters" $ | nindent 10 }}
         {{- if .Values.st2scheduler.env }}
         env: {{- include "stackstorm-ha.customEnv" .Values.st2scheduler | nindent 8 }}
         {{- end }}
@@ -981,6 +1002,9 @@ spec:
         # TODO: Add liveness/readiness probes (#3)
         #livenessProbe:
         #readinessProbe:
+        command:
+          - /opt/stackstorm/st2/bin/st2notifier
+          {{- include "stackstorm-ha.st2-config-file-parameters" $ | nindent 10 }}
         {{- if .Values.st2notifier.env }}
         env: {{- include "stackstorm-ha.customEnv" .Values.st2notifier | nindent 8 }}
         {{- end }}
@@ -1150,20 +1174,16 @@ spec:
         livenessProbe:
           {{- toYaml . | nindent 10 }}
         {{- end }}
-        {{- if or $one_sensor_per_pod $some_sensors_per_pod }}{{/* ie: when there is more than one pod of sensors */}}
         command:
           - /opt/stackstorm/st2/bin/st2sensorcontainer
-          - --config-file=/etc/st2/st2.conf
-          - --config-file=/etc/st2/st2.docker.conf
-          - --config-file=/etc/st2/st2.user.conf
+          {{- include "stackstorm-ha.st2-config-file-parameters" $ | nindent 10 }}
           {{- if $one_sensor_per_pod }}{{/* only in st2.packs.sensors[] */}}
           - --single-sensor-mode
           - --sensor-ref={{ required "You must define `ref` for everything in st2.packs.sensors. This assigns each sensor to a pod." $sensor.ref }}
           {{- else if $some_sensors_per_pod }}
           # injected by {{ $name }}-init-config
           - --config-file=/etc/st2/st2.sensorcontainer.conf
           {{- end }}
-        {{- end }}
         {{- if $sensor.env }}
         env: {{- include "stackstorm-ha.customEnv" $sensor | nindent 8 }}
         {{- end }}
@@ -1313,6 +1333,9 @@ spec:
         # TODO: Add liveness/readiness probes (#3)
         #livenessProbe:
         #readinessProbe:
+        command:
+          - /opt/stackstorm/st2/bin/st2actionrunner
+          {{- include "stackstorm-ha.st2-config-file-parameters" $ | nindent 10 }}
         {{- if .Values.st2actionrunner.env }}
         env: {{- include "stackstorm-ha.customEnv" .Values.st2actionrunner | nindent 8 }}
         {{- end }}
@@ -1444,6 +1467,9 @@ spec:
         # TODO: Add liveness/readiness probes (#3)
         #livenessProbe:
         #readinessProbe:
+        command:
+          - /opt/stackstorm/st2/bin/st2garbagecollector
+          {{- include "stackstorm-ha.st2-config-file-parameters" $ | nindent 10 }}
         {{- if .Values.st2garbagecollector.env }}
         env: {{- include "stackstorm-ha.customEnv" .Values.st2garbagecollector | nindent 8 }}
         {{- end }}
 
@@ -39,9 +39,7 @@ spec:
         command:
           - st2-apply-rbac-definitions
           - --verbose
-          - --config-file=/etc/st2/st2.conf
-          - --config-file=/etc/st2/st2.docker.conf
-          - --config-file=/etc/st2/st2.user.conf
+          {{- include "stackstorm-ha.st2-config-file-parameters" . | nindent 10 }}
         {{- if .Values.jobs.env }}
         env: {{- include "stackstorm-ha.customEnv" .Values.jobs | nindent 8 }}
         {{- end }}
@@ -408,9 +406,7 @@ spec:
         {{- end }}
         command:
           - st2-register-content
-          - --config-file=/etc/st2/st2.conf
-          - --config-file=/etc/st2/st2.docker.conf
-          - --config-file=/etc/st2/st2.user.conf
+          {{- include "stackstorm-ha.st2-config-file-parameters" . | nindent 10 }}
           - --register-all
           - --register-fail-on-failure
         {{- if .Values.jobs.env }}