fix: actually implement rendered config map and secrets

[ianmuge]

Closes # N/A

📑 Description

This implements and extends the envRender environment variables for both the frontend and backend to provision corresponding configmaps and secrets

ION:

• fixed a mismatched reference to the topology spread in the frontend

✅ Checks

• My pull request adheres to the code style of this project
• My code requires changes to the documentation
• I have updated the documentation as required
• All the tests have passed

ℹ Additional Information

[ianmuge]

@shahargl could I please get a review on this?

[ianmuge]

@talboren any chance of this being reviewed?

[talboren]

@talboren any chance of this being reviewed?

We're having some trouble with the image building process for Keep. Approving, but have not tested it.

[Copilot]

Pull request overview

This pull request implements the envRender configuration option for both frontend and backend components to provision ConfigMaps alongside the existing envRenderSecret functionality for Secrets. It also fixes a bug where the frontend deployment incorrectly referenced backend topology spread constraints.

Changes:

• Added envRender configuration option for backend and frontend to support templated ConfigMap creation
• Created new template files frontend-configs.yaml and backend-configs.yaml to provision ConfigMaps and Secrets
• Fixed topology spread constraints reference in frontend deployment to use frontend values instead of backend values
• Added checksum annotations for envRender and envRenderSecret to trigger pod restarts on configuration changes

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
charts/keep/values.yaml	Added envRender configuration options for both backend and frontend
charts/keep/templates/frontend.yaml	Added envRender support in envFrom, checksum annotations, and fixed topology spread constraints bug
charts/keep/templates/frontend-configs.yaml	New file that creates ConfigMap and Secret resources from envRender and envRenderSecret values
charts/keep/templates/backend.yaml	Added envRender support in envFrom and checksum annotations
charts/keep/templates/backend-configs.yaml	New file that creates ConfigMap and Secret resources from envRender and envRenderSecret values

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The comment mentions "escape {{ in secret values to avoid Helm interpretation" but this is for a ConfigMap (envRender), not for secrets. ConfigMaps should contain non-sensitive data, so the comment should be updated to reference "configmap values" instead of "secret values". This same comment appears correctly for envRenderSecret above.

Suggested change

	# -- Sensible environment variables will be rendered as a new configmap object; escape {{ in secret values to avoid Helm interpretation.
	# -- Sensible environment variables will be rendered as a new configmap object; escape {{ in configmap values to avoid Helm interpretation.

[Copilot]

The comment mentions "escape {{ in secret values to avoid Helm interpretation" but this is for a ConfigMap (envRender), not for secrets. ConfigMaps should contain non-sensitive data, so the comment should be updated to reference "configmap values" instead of "secret values".

Suggested change

	# -- Sensible environment variables will be rendered as a new configmap object; escape {{ in secret values to avoid Helm interpretation.
	# -- Sensible environment variables will be rendered as a new configmap object; escape {{ in configmap values to avoid Helm interpretation.

[ianmuge]

Thanks