CodeTogether-Inc · nmorenor · Feb 10, 2025 · Feb 7, 2025 · Feb 7, 2025
diff --git a/charts/intel/README.md b/charts/intel/README.md
@@ -31,6 +31,8 @@ The following table lists configurable parameters of the CodeTogether Intel char
 | `imageCredentials.password`                    | Docker registry password                                                                     | `my-customer-password`                                    |
 | `imageCredentials.email`                       | Docker registry email                                                                        | `unused`                                                  |
 | `codetogether.url`                             | Full URL for the CodeTogether Intel server                                                     | `https://<server-fqdn>`                                   |
+| `hqpropertiessecret.enabled`                     | (Optional) If true, the value in hqpropertiessecret.ref will be used in place of the hqproperties values     | `false` |
+| `hqpropertiessecret.ref`                     | (Optional) Name of a Kubernetes secret containing the hqproperties secret. If provided, will override the other values in the hqproperties section     | `kubernetes-secret-name` |
 | `hqproperties.hq.sso.client.id`                | Client ID for Single Sign-On (SSO)                                                          | `CLIENTID.apps.googleusercontent.com`                     |
 | `hqproperties.hq.sso.client.secret`            | Client Secret for Single Sign-On (SSO)                                                      | `CLIENTSECRET`                                            |
 | `hqproperties.hq.sso.client.issuer.url`        | Issuer URL for Single Sign-On (SSO)                                                         | `https://accounts.google.com`                             |
@@ -51,7 +53,6 @@ The following table lists configurable parameters of the CodeTogether Intel char
 | `java.customCacerts.enabled`                   | Enables mounting a custom Java trust store (cacerts)                                         | `false`                                                  |
 | `java.customCacerts.cacertsSecretName`         | Name of the Kubernetes secret containing the `cacerts` file                                  | `custom-java-cacerts`                                    |
 | `java.customCacerts.trustStorePasswordKey`     | (Optional) Key inside the Kubernetes secret containing the trust store password             | `trustStorePassword`                                     |
-| `cassandra.passwordSecret`                     | (Optional) Name of a Kubernetes secret containing the Cassandra database password.          |                                                           |
 | `ingress.enabled`                              | Enables ingress controller resource                                                         | `true`                                                    |
 | `ingress.annotations`                          | Annotations for ingress                                                                      | `{}`                                                      |
 | `ingress.tls.secretName`                       | TLS secret name for ingress                                                                 | `codetogether-intel-tls`                                     |

diff --git a/charts/intel/templates/deployment.yaml b/charts/intel/templates/deployment.yaml
@@ -107,7 +107,13 @@ spec:
       volumes:
         - name: properties-volume
           secret:
-            secretName: {{ if .Values.fullnameOverride }}{{ .Values.fullnameOverride }}-hqproperties{{ else }}hqproperties{{ end }}
+            secretName: {{- if .Values.hqpropertiessecret.enabled }}
+              {{- .Values.hqpropertiessecret.ref }}
+            {{- else if .Values.fullnameOverride }}
+              {{- printf "%s-hqproperties" .Values.fullnameOverride }}
+            {{- else }}
+              {{- "hqproperties" }}
+            {{- end }}
         {{- if .Values.java.customCacerts.enabled }}
         - name: java-cacerts
           secret:

diff --git a/charts/intel/templates/secret-properties.yaml b/charts/intel/templates/secret-properties.yaml
@@ -1,18 +1,12 @@
+{{- if not .Values.hqpropertiessecret.enabled }}
 apiVersion: v1
 kind: Secret
 metadata:
   name: {{ if .Values.fullnameOverride }}{{ .Values.fullnameOverride }}-hqproperties{{ else }}hqproperties{{ end }}
 type: Opaque
 stringData:
   cthq.properties: |-
-    {{- $cassandraPassword := "" }}
-    {{- if and (hasKey .Values "cassandra") (hasKey .Values.cassandra "passwordSecret") .Values.cassandra.passwordSecret (lookup "v1" "Secret" .Release.Namespace .Values.cassandra.passwordSecret) }}
-    {{- $cassandraPassword := (lookup "v1" "Secret" .Release.Namespace .Values.cassandra.passwordSecret).data.cassandraPassword | b64dec }}
-    {{- end }}
     {{- range $key, $value := .Values.hqproperties }}
-      {{- if and (eq $key "hq.cassandra.db.password") $cassandraPassword }}
-    {{ $key }}={{ $cassandraPassword }}
-      {{- else }}
-    {{ $key }}={{ $value }}
-      {{- end }}
-    {{- end }}
+       {{ $key }}={{ $value }}
+    {{- end }}
+{{- end }}
diff --git a/charts/intel/values.yaml b/charts/intel/values.yaml
@@ -59,11 +59,10 @@ hqproperties:
   # default datacenter name is 'datacenter1'
   # hq.cassandra.db.localdatacenter: datacenter1
 
-# Optional property, if provided the value from the secret will be used as the cassandra DB password
-# This will overwrite the value in the hqproperties hq.cassandra.db.password
-# The secret must have a key named 'cassandraPassword'
-cassandra:
-  passwordSecret: ""
+# Optional properties, if enabled is true, the values in the secret will be used as the hqproperties secret
+hqpropertiessecret:
+  enabled: false
+  ref: "intel-test-hqproperties-arbitrary"
 
 java:
   customCacerts: