Move db and django secrets to a kube secret

templates/deployment.yaml

@@ -4,6 +4,7 @@ metadata:
   name: {{ include "glitchtip.fullname" . }}
   labels:
     {{- include "glitchtip.labels" . | nindent 4 }}
+    lol: "yes"
 spec:
   replicas: {{ .Values.replicaCount }}
   selector:
@@ -34,12 +35,13 @@ spec:
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
           env:
-            - name: DATABASE_URL
-            - name: SECRET_KEY
             - name: DEBUG
               value: "False"
             - name: STATIC_URL
               value: /
+          envFrom:
+            - secretRef:
+                name: {{ include "glitchtip.fullname" . }}
       {{- with .Values.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}

templates/pre-install-job.yaml

@@ -17,9 +17,10 @@ spec:
         image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
         command: ["./manage.py","migrate"]
         env:
-          - name: DATABASE_URL
-          - name: SECRET_KEY
           - name: DEBUG
             value: "False"
           - name: STATIC_URL
             value: /
+        envFrom:
+          - secretRef:
+              name: {{ include "glitchtip.fullname" . }}

templates/secrets.yaml

@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "glitchtip.fullname" . }}
+  labels:
+    {{- include "glitchtip.labels" . | nindent 4 }}
+type: Opaque
+data:
+  DATABASE_URL: {{ required "databaseURL is a required value." .Values.databaseURL | b64enc | quote }}
+  SECRET_KEY: {{ required "secretKey is a required value." .Values.secretKey | b64enc | quote }}