will/porthole
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7e1746d1fb3a7db8006eae778a91e25f1a4e24c3
porthole/helm/porthole/templates/secret.yaml.tpl
T
OpenCode Test 4e2ab7cdd8 task-11: complete QA + hardening with resilience fixes 
- Created comprehensive QA checklist covering edge cases (missing EXIF, timezones, codecs, corrupt files)
- Added ErrorBoundary component wrapped around TimelineTree and MediaPanel
- Created global error.tsx page for unhandled errors
- Improved failed asset UX with red borders, warning icons, and inline error display
- Added loading skeletons to TimelineTree and MediaPanel
- Added retry button for failed media loads
- Created DEPLOYMENT_VALIDATION.md with validation commands and checklist
- Applied k8s recommendations:
  - Changed node affinity to required for compute nodes (Pi 5)
  - Enabled Tailscale LoadBalancer service for MinIO S3 (reliable Range requests)
  - Enabled cleanup CronJob for staging files
2025-12-24 12:45:22 -08:00

41 lines
1.8 KiB
Smarty
Raw Blame History

{{- if not .Values.secrets.existingSecret -}}
{{- $existing := lookup "v1" "Secret" .Release.Namespace (include "tline.secretName" .) -}}
{{- $existingData := dict -}}
{{- if $existing -}}
{{- $existingData = (get $existing "data") | default dict -}}
{{- end -}}
{{- $pgPassB64 := (get $existingData "POSTGRES_PASSWORD") | default (randAlphaNum 32 | b64enc) -}}
{{- $minioKeyB64 := (get $existingData "MINIO_ACCESS_KEY_ID") | default (randAlphaNum 20 | b64enc) -}}
{{- $minioSecretB64 := (get $existingData "MINIO_SECRET_ACCESS_KEY") | default (randAlphaNum 40 | b64enc) -}}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "tline.secretName" . }}
labels:
{{ include "tline.labels" . | indent 4 }}
type: Opaque
data:
POSTGRES_PASSWORD: {{ .Values.secrets.postgres.password | default ($pgPassB64 | b64dec) | b64enc }}
MINIO_ACCESS_KEY_ID: {{ .Values.secrets.minio.accessKeyId | default ($minioKeyB64 | b64dec) | b64enc }}
MINIO_SECRET_ACCESS_KEY: {{ .Values.secrets.minio.secretAccessKey | default ($minioSecretB64 | b64dec) | b64enc }}
{{- end }}
{{- if .Values.registrySecret.create -}}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "tline.registrySecretName" . }}
labels:
{{ include "tline.labels" . | indent 4 }}
type: kubernetes.io/dockerconfigjson
{{ $server := include "tline.registryServer" . -}}
{{ $user := required "registrySecret.username is required" .Values.registrySecret.username -}}
{{ $pass := required "registrySecret.password is required" .Values.registrySecret.password -}}
{{ $email := .Values.registrySecret.email | default "" -}}
{{ $auth := printf "%s:%s" $user $pass | b64enc -}}
{{ $cfg := dict "auths" (dict $server (dict "username" $user "password" $pass "email" $email "auth" $auth)) -}}
data:
.dockerconfigjson: {{ $cfg | toJson | b64enc }}
{{- end }}
Reference in New Issue View Git Blame Copy Permalink