feat: add full Kubernetes env var support to Helm chart

Add support for valueFrom in environment variables for both main container and user-sync init container. This enables injecting values from secrets, configMaps, fieldRefs, and resourceFieldRefs instead of only hardcoded values. Updated deployment template to use toYaml for env rendering, allowing full Kubernetes env var specifications. Added comprehensive documentation and examples in values.yaml. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-10 13:10:42 +00:00 · 2025-12-02 21:42:37 +01:00 · 2025-12-02 21:42:37 +01:00 · 2a865b2ba4
commit 2a865b2ba4
parent be4e0f8e71
2 changed files with 48 additions and 5 deletions
--- a/deploy/helm/barycenter/templates/deployment.yaml
+++ b/deploy/helm/barycenter/templates/deployment.yaml
@ -47,6 +47,9 @@ spec:
        env:
        - name: RUST_LOG
          value: "info"
+        {{- if .Values.userSync.env }}
+        {{- toYaml .Values.userSync.env | nindent 8 }}
+        {{- end }}
        volumeMounts:
        - name: config
          mountPath: /app/config
@ -72,10 +75,9 @@ spec:
        - name: http
          containerPort: {{ .Values.config.server.port }}
          protocol: TCP
+        {{- if .Values.env }}
        env:
-        {{- range .Values.env }}
-        - name: {{ .name }}
-          value: {{ .value | quote }}
+          {{- toYaml .Values.env | nindent 8 }}
        {{- end }}
        volumeMounts:
        - name: config
--- a/deploy/helm/barycenter/values.yaml
+++ b/deploy/helm/barycenter/values.yaml
@ -118,13 +118,41 @@ config:
  federation:
    trustAnchors: []

-# Environment variables
+# Environment variables for main container
+# Supports full Kubernetes env var specification including valueFrom
 env:
  - name: RUST_LOG
    value: "info"
-  # Add additional environment variables here
+  # Simple value example:
  # - name: BARYCENTER__SERVER__PUBLIC_BASE_URL
  #   value: "https://idp.example.com"
+  #
+  # ValueFrom secret example:
+  # - name: BARYCENTER__DATABASE__URL
+  #   valueFrom:
+  #     secretKeyRef:
+  #       name: barycenter-db-secret
+  #       key: database-url
+  #
+  # ValueFrom configMap example:
+  # - name: CONFIG_VALUE
+  #   valueFrom:
+  #     configMapKeyRef:
+  #       name: app-config
+  #       key: some-value
+  #
+  # Field reference example:
+  # - name: POD_NAME
+  #   valueFrom:
+  #     fieldRef:
+  #       fieldPath: metadata.name
+  #
+  # Resource limits example:
+  # - name: MEMORY_LIMIT
+  #   valueFrom:
+  #     resourceFieldRef:
+  #       containerName: barycenter
+  #       resource: limits.memory

 # Persistence for database and keys
 persistence:
@ -166,6 +194,19 @@ userSync:
  # Secret key containing the users.json file
  secretKey: "users.json"

+  # Additional environment variables for user-sync init container
+  # Supports full Kubernetes env var specification (same as main container)
+  # RUST_LOG is already set to "info" by default
+  env: []
+  # Examples:
+  # - name: CUSTOM_VAR
+  #   value: "custom-value"
+  # - name: SECRET_VALUE
+  #   valueFrom:
+  #     secretKeyRef:
+  #       name: my-secret
+  #       key: secret-key
+
  # Init container resources
  resources:
    limits: