Skip to content

Commit 2ec0cef

Browse files
author
Andrew Farries
committed
Mount stripe secret into usage component
The component will need to interact with the stripe api so will need API keys.
1 parent 1ddaa16 commit 2ec0cef

File tree

2 files changed

+24
-1
lines changed

2 files changed

+24
-1
lines changed

install/installer/pkg/components/usage/constants.go

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,5 +5,6 @@
55
package usage
66

77
const (
8-
Component = "usage"
8+
Component = "usage"
9+
StripeSecretMountPath = "stripe-secret"
910
)

install/installer/pkg/components/usage/deployment.go

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,7 @@ import (
77
"github.com/gitpod-io/gitpod/common-go/baseserver"
88
"github.com/gitpod-io/gitpod/installer/pkg/cluster"
99
"github.com/gitpod-io/gitpod/installer/pkg/common"
10+
"github.com/gitpod-io/gitpod/installer/pkg/config/v1/experimental"
1011
appsv1 "k8s.io/api/apps/v1"
1112
corev1 "k8s.io/api/core/v1"
1213
"k8s.io/apimachinery/pkg/api/resource"
@@ -19,6 +20,14 @@ import (
1920
func deployment(ctx *common.RenderContext) ([]runtime.Object, error) {
2021
labels := common.DefaultLabels(Component)
2122

23+
stripeSecret := ""
24+
_ = ctx.WithExperimental(func(cfg *experimental.Config) error {
25+
if cfg.WebApp != nil && cfg.WebApp.Server != nil {
26+
stripeSecret = cfg.WebApp.Server.StripeSecret
27+
}
28+
return nil
29+
})
30+
2231
return []runtime.Object{
2332
&appsv1.Deployment{
2433
TypeMeta: common.TypeMetaDeployment,
@@ -45,6 +54,14 @@ func deployment(ctx *common.RenderContext) ([]runtime.Object, error) {
4554
RestartPolicy: "Always",
4655
TerminationGracePeriodSeconds: pointer.Int64(30),
4756
InitContainers: []corev1.Container{*common.DatabaseWaiterContainer(ctx)},
57+
Volumes: []corev1.Volume{{
58+
Name: "stripe-secret",
59+
VolumeSource: corev1.VolumeSource{
60+
Secret: &corev1.SecretVolumeSource{
61+
SecretName: stripeSecret,
62+
},
63+
},
64+
}},
4865
Containers: []corev1.Container{{
4966
Name: Component,
5067
Image: ctx.ImageName(ctx.Config.Repository, Component, ctx.VersionManifest.Components.Usage.Version),
@@ -66,6 +83,11 @@ func deployment(ctx *common.RenderContext) ([]runtime.Object, error) {
6683
common.DefaultEnv(&ctx.Config),
6784
common.DatabaseEnv(&ctx.Config),
6885
),
86+
VolumeMounts: []corev1.VolumeMount{{
87+
Name: "stripe-secret",
88+
ReadOnly: true,
89+
MountPath: StripeSecretMountPath,
90+
}},
6991
LivenessProbe: &corev1.Probe{
7092
ProbeHandler: corev1.ProbeHandler{
7193
HTTPGet: &corev1.HTTPGetAction{

0 commit comments

Comments
 (0)