diff --git a/apps/cde/base/cde-flowscallback.yaml b/apps/cde/base/cde-flowscallback.yaml index 62d436c..439e02e 100644 --- a/apps/cde/base/cde-flowscallback.yaml +++ b/apps/cde/base/cde-flowscallback.yaml @@ -28,7 +28,7 @@ spec: vault.hashicorp.com/agent-inject-template-cde-env: |- {{- with secret "secrets/data/vault/apps/cde" -}} {{- range $k, $v := .Data.data }} - {{ $k }}={{ printf "%q" (printf "%v" $v) }} + export {{ $k }}=$(printf '%b' {{ printf "%q" (printf "%v" $v) }}) {{- end }} {{- end -}} spec: @@ -37,6 +37,14 @@ spec: - name: cde-flowscallback image: cr.yandex/crp3ccidau046kdj8g9q/flowscallback-worker:prod_9f3c1d2a imagePullPolicy: IfNotPresent + command: + - /bin/bash + - -lc + args: + - | + set -e + source /vault/secrets/cde-env + exec /worker ports: - name: http containerPort: 8000 @@ -44,9 +52,6 @@ spec: env: - name: S3_IS_CONTOUR value: "true" - envFrom: - - secretRef: - name: cde-secret resources: requests: cpu: "1" diff --git a/apps/cde/base/cde-splitpdf.yaml b/apps/cde/base/cde-splitpdf.yaml index 3b7b374..c89d162 100644 --- a/apps/cde/base/cde-splitpdf.yaml +++ b/apps/cde/base/cde-splitpdf.yaml @@ -28,7 +28,7 @@ spec: vault.hashicorp.com/agent-inject-template-cde-env: |- {{- with secret "secrets/data/vault/apps/cde" -}} {{- range $k, $v := .Data.data }} - {{ $k }}={{ printf "%q" (printf "%v" $v) }} + export {{ $k }}=$(printf '%b' {{ printf "%q" (printf "%v" $v) }}) {{- end }} {{- end -}} spec: @@ -37,6 +37,14 @@ spec: - name: cde-splitpdf image: cr.yandex/crp3ccidau046kdj8g9q/splitpdf-worker:prod_9f3c1d2a imagePullPolicy: IfNotPresent + command: + - /bin/bash + - -lc + args: + - | + set -e + source /vault/secrets/cde-env + exec /worker ports: - name: http containerPort: 8000 @@ -44,9 +52,6 @@ spec: env: - name: S3_IS_CONTOUR value: "true" - envFrom: - - secretRef: - name: cde-secret resources: requests: cpu: "1" diff --git a/apps/cde/base/cde-worker-copy.yaml b/apps/cde/base/cde-worker-copy.yaml index 02af6f2..e3bbdc4 100644 --- a/apps/cde/base/cde-worker-copy.yaml +++ b/apps/cde/base/cde-worker-copy.yaml @@ -28,7 +28,7 @@ spec: vault.hashicorp.com/agent-inject-template-cde-env: |- {{- with secret "secrets/data/vault/apps/cde" -}} {{- range $k, $v := .Data.data }} - {{ $k }}={{ printf "%q" (printf "%v" $v) }} + export {{ $k }}=$(printf '%b' {{ printf "%q" (printf "%v" $v) }}) {{- end }} {{- end -}} spec: @@ -37,6 +37,14 @@ spec: - name: cde-worker-copy image: cr.yandex/crp3ccidau046kdj8g9q/copy-worker:prod_9f3c1d2a imagePullPolicy: IfNotPresent + command: + - /bin/bash + - -lc + args: + - | + set -e + source /vault/secrets/cde-env + exec /worker ports: - name: http containerPort: 8000 @@ -44,9 +52,6 @@ spec: env: - name: S3_IS_CONTOUR value: "true" - envFrom: - - secretRef: - name: cde-secret resources: requests: cpu: "1" diff --git a/apps/cde/base/cde-worker-create-versions.yaml b/apps/cde/base/cde-worker-create-versions.yaml index c141193..7eaf366 100644 --- a/apps/cde/base/cde-worker-create-versions.yaml +++ b/apps/cde/base/cde-worker-create-versions.yaml @@ -28,7 +28,7 @@ spec: vault.hashicorp.com/agent-inject-template-cde-env: |- {{- with secret "secrets/data/vault/apps/cde" -}} {{- range $k, $v := .Data.data }} - {{ $k }}={{ printf "%q" (printf "%v" $v) }} + export {{ $k }}=$(printf '%b' {{ printf "%q" (printf "%v" $v) }}) {{- end }} {{- end -}} spec: @@ -37,6 +37,14 @@ spec: - name: cde-worker-create-versions image: cr.yandex/crp3ccidau046kdj8g9q/createversions-worker:prod_9f3c1d2a imagePullPolicy: IfNotPresent + command: + - /bin/bash + - -lc + args: + - | + set -e + source /vault/secrets/cde-env + exec /worker ports: - name: http containerPort: 8000 @@ -44,9 +52,6 @@ spec: env: - name: S3_IS_CONTOUR value: "true" - envFrom: - - secretRef: - name: cde-secret resources: requests: cpu: "1" diff --git a/apps/cde/base/cde-worker-markings.yaml b/apps/cde/base/cde-worker-markings.yaml index 7c1b38d..22f2235 100644 --- a/apps/cde/base/cde-worker-markings.yaml +++ b/apps/cde/base/cde-worker-markings.yaml @@ -28,7 +28,7 @@ spec: vault.hashicorp.com/agent-inject-template-cde-env: |- {{- with secret "secrets/data/vault/apps/cde" -}} {{- range $k, $v := .Data.data }} - {{ $k }}={{ printf "%q" (printf "%v" $v) }} + export {{ $k }}=$(printf '%b' {{ printf "%q" (printf "%v" $v) }}) {{- end }} {{- end -}} spec: @@ -37,6 +37,14 @@ spec: - name: cde-worker-markings image: cr.yandex/crp3ccidau046kdj8g9q/markings-worker:prod_9f3c1d2a imagePullPolicy: IfNotPresent + command: + - /bin/bash + - -lc + args: + - | + set -e + source /vault/secrets/cde-env + exec /worker ports: - name: http containerPort: 8000 @@ -44,9 +52,6 @@ spec: env: - name: S3_IS_CONTOUR value: "true" - envFrom: - - secretRef: - name: cde-secret resources: requests: cpu: "1" diff --git a/apps/cde/base/cde-worker-sign.yaml b/apps/cde/base/cde-worker-sign.yaml index 8c3da1f..dbc25ce 100644 --- a/apps/cde/base/cde-worker-sign.yaml +++ b/apps/cde/base/cde-worker-sign.yaml @@ -28,7 +28,7 @@ spec: vault.hashicorp.com/agent-inject-template-cde-env: |- {{- with secret "secrets/data/vault/apps/cde" -}} {{- range $k, $v := .Data.data }} - {{ $k }}={{ printf "%q" (printf "%v" $v) }} + export {{ $k }}=$(printf '%b' {{ printf "%q" (printf "%v" $v) }}) {{- end }} {{- end -}} spec: @@ -37,6 +37,14 @@ spec: - name: cde-worker-sign image: cr.yandex/crp3ccidau046kdj8g9q/sign-worker:prod_9f3c1d2a imagePullPolicy: IfNotPresent + command: + - /bin/bash + - -lc + args: + - | + set -e + source /vault/secrets/cde-env + exec /worker ports: - name: http containerPort: 8000 @@ -44,9 +52,6 @@ spec: env: - name: S3_IS_CONTOUR value: "true" - envFrom: - - secretRef: - name: cde-secret resources: requests: cpu: "1" diff --git a/apps/cde/base/cde-worker-update-bundles.yaml b/apps/cde/base/cde-worker-update-bundles.yaml index f2d15b2..967c8ef 100644 --- a/apps/cde/base/cde-worker-update-bundles.yaml +++ b/apps/cde/base/cde-worker-update-bundles.yaml @@ -28,7 +28,7 @@ spec: vault.hashicorp.com/agent-inject-template-cde-env: |- {{- with secret "secrets/data/vault/apps/cde" -}} {{- range $k, $v := .Data.data }} - {{ $k }}={{ printf "%q" (printf "%v" $v) }} + export {{ $k }}=$(printf '%b' {{ printf "%q" (printf "%v" $v) }}) {{- end }} {{- end -}} spec: @@ -37,6 +37,14 @@ spec: - name: cde-worker-update-bundles image: cr.yandex/crp3ccidau046kdj8g9q/updatebundles-worker:prod_9f3c1d2a imagePullPolicy: IfNotPresent + command: + - /bin/bash + - -lc + args: + - | + set -e + source /vault/secrets/cde-env + exec /worker ports: - name: http containerPort: 8000 @@ -44,9 +52,6 @@ spec: env: - name: S3_IS_CONTOUR value: "true" - envFrom: - - secretRef: - name: cde-secret resources: requests: cpu: "1" diff --git a/apps/cde/base/cde.yaml b/apps/cde/base/cde.yaml index d86522a..e42ba3c 100644 --- a/apps/cde/base/cde.yaml +++ b/apps/cde/base/cde.yaml @@ -28,7 +28,7 @@ spec: vault.hashicorp.com/agent-inject-template-cde-env: |- {{- with secret "secrets/data/vault/apps/cde" -}} {{- range $k, $v := .Data.data }} - {{ $k }}={{ printf "%q" (printf "%v" $v) }} + export {{ $k }}=$(printf '%b' {{ printf "%q" (printf "%v" $v) }}) {{- end }} {{- end -}} spec: @@ -37,6 +37,14 @@ spec: - name: api image: cr.yandex/crp3ccidau046kdj8g9q/cde:prod_9f3c1d2a imagePullPolicy: IfNotPresent + command: + - /bin/bash + - -lc + args: + - | + set -e + source /vault/secrets/cde-env + exec /http ports: - name: http containerPort: 8000 @@ -44,9 +52,6 @@ spec: env: - name: S3_IS_CONTOUR value: "true" - envFrom: - - secretRef: - name: cde-secret resources: requests: cpu: "1"