Skip to content

feat(chart): add extraManifests and backend.environmentSecrets#121

Open
oba11 wants to merge 3 commits into
artifact-keeper:mainfrom
oba11:feat/extra-manifests-and-environment-secrets
Open

feat(chart): add extraManifests and backend.environmentSecrets#121
oba11 wants to merge 3 commits into
artifact-keeper:mainfrom
oba11:feat/extra-manifests-and-environment-secrets

Conversation

@oba11

@oba11 oba11 commented May 22, 2026

Copy link
Copy Markdown

Closes #120

Summary

  • Add backend.environmentSecrets — list of env vars sourced from existing Secrets via secretKeyRef, rendered into the backend container's env:.
  • Add top-level extraManifests — list of raw, templated manifests rendered as additional documents (tpl . $), so chart helpers like {{ include "artifact-keeper.fullname" . }} work inside entries.
  • Motivating use case: deliver OTEL_EXPORTER_OTLP_HEADERS securely by shipping an ExternalSecret via extraManifests and injecting its value via backend.environmentSecrets — no plaintext in values, no second Argo Application.

Test plan

  • helm lint charts/artifact-keeper passes.
  • helm template with both new values set renders the expected secretKeyRef entry under the backend container's env: and emits the extra manifest as its own document.
  • Defaults (environmentSecrets: [], extraManifests: []) produce no diff vs. main when unset.

@oba11 oba11 requested a review from a team as a code owner May 22, 2026 12:17
@oba11

oba11 commented May 22, 2026

Copy link
Copy Markdown
Author

Hey @brandonrc — quick ping when you have a moment 🙏

All required checks are green. The only red is SonarCloud Scan, which fails because SONAR_TOKEN isn't exposed to fork PRs.

Happy to tweak anything else. Thanks!

@oba11 oba11 force-pushed the feat/extra-manifests-and-environment-secrets branch 2 times, most recently from b029b0f to 7b5d66d Compare June 2, 2026 14:03
@brandonrc

brandonrc commented Jun 3, 2026

Copy link
Copy Markdown
Contributor

Thanks for the PR. The one required check failing here is Verify helm-docs output: the chart README needs regenerating after the values change. Could you run this from the repo root and commit the result?

cd charts/artifact-keeper && helm-docs

(helm-docs v1.14.2, matching .github/workflows/helm-docs.yml.) That should clear the check.

Heads up: the red SonarCloud Scan is a known non-blocking issue on fork PRs. GitHub withholds SONAR_TOKEN from forks and the job is already continue-on-error, so it is safe to ignore.

@oba11
feat(chart): add extraManifests and backend.environmentSecrets
96fadca 
Lets operators source backend env vars (e.g. OTEL_EXPORTER_OTLP_HEADERS)
from existing Secrets and ship arbitrary Kubernetes objects (ExternalSecret,
SealedSecret, custom CRs) alongside the release without forking the chart.

Refs artifact-keeper#120
@oba11 oba11 force-pushed the feat/extra-manifests-and-environment-secrets branch from 32179e1 to b743677 Compare June 9, 2026 09:38
@oba11 oba11 force-pushed the feat/extra-manifests-and-environment-secrets branch from b743677 to be48e83 Compare June 9, 2026 09:41
@oba11

oba11 commented Jun 9, 2026

Copy link
Copy Markdown
Author

Thanks @brandonrc, I've regenerated the chart README and all good now.

@oba11

oba11 commented Jun 16, 2026

Copy link
Copy Markdown
Author

@brandonrc just want to check again on the merge-ability of this pull request. Thanks alot for your help

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Helm chart: support extraManifests and backend.environmentSecrets

2 participants

@oba11 @brandonrc