Skip to content

Commit 1d61cc5

Browse files
kayahkHakan Kaya
kayahk
and
Hakan Kaya
authored
fix: conditionally set OPENFGA_DATASTORE_URI based on externalSecret configuration in openfga-deployment.yaml (#143)
Previously, the `ENV` parameter `OPENFGA_DATASTORE_URI ` would be set, regardless of the `externalSecret.enabled` value, which would override the secret reference and prevent successful db authentication. The fix makes sure that the `ENV` parameter will only be set, if `externalSecret.enabled` is set to `false`. Co-authored-by: Hakan Kaya <[email protected]>
1 parent 989572c commit 1d61cc5

File tree

1 file changed

+4
-0
lines changed

1 file changed

+4
-0
lines changed

charts/openobserve/templates/openfga-deployment.yaml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,7 @@ spec:
2222
env:
2323
- name: OPENFGA_DATASTORE_ENGINE
2424
value: postgres
25+
{{- if not .Values.externalSecret.enabled }}
2526
{{- if .Values.postgres.enabled }}
2627
- name: OPENFGA_DATASTORE_URI
2728
value: "postgres://openobserve:{{ .Values.postgres.spec.password }}@{{ include "openobserve.fullname" . }}-postgres-rw.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}:5432/app?sslmode=disable"
@@ -32,6 +33,7 @@ spec:
3233
- name: OPENFGA_DATASTORE_URI
3334
value: "{{ .Values.config.ZO_META_POSTGRES_DSN }}"
3435
{{- end }}
36+
{{- end }}
3537
envFrom:
3638
- secretRef: # postgres detail can be picked up from secret if not found anywhere else
3739
name: {{ if .Values.externalSecret.enabled }}{{ .Values.externalSecret.name }}{{ else }}{{ include "openobserve.fullname" . }}{{ end }}
@@ -47,6 +49,7 @@ spec:
4749
env:
4850
- name: OPENFGA_DATASTORE_ENGINE
4951
value: postgres
52+
{{- if not .Values.externalSecret.enabled }}
5053
{{- if .Values.postgres.enabled }}
5154
- name: OPENFGA_DATASTORE_URI
5255
value: "postgres://openobserve:{{ .Values.postgres.spec.password }}@{{ include "openobserve.fullname" . }}-postgres-rw.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}:5432/app?sslmode=disable"
@@ -57,6 +60,7 @@ spec:
5760
- name: OPENFGA_DATASTORE_URI
5861
value: "{{ .Values.config.ZO_META_POSTGRES_DSN }}"
5962
{{- end }}
63+
{{- end }}
6064
- name: OPENFGA_LOG_FORMAT
6165
value: json
6266
envFrom:

0 commit comments

Comments
 (0)