mirror of
https://github.com/twentyhq/twenty.git
synced 2026-06-12 18:08:58 -04:00
9d613dc19d
This pull request enhances the Helm chart for the Twenty application by improving how environment variables and Redis credentials are handled for both server and worker deployments. The main changes include support for injecting additional environment variables, improved Redis password management (including external secrets), and a more robust database migration workflow. **Environment Variable Injection:** - Added support for specifying additional environment variables for both the server and worker deployments via the `additionalEnv` field in `values.yaml`. These variables are automatically injected into the respective pods. [[1]](diffhunk://#diff-b5d958eae48fd1919e5623bcf0144aac7abb323ae8743e6f31367e383c63c296R55) [[2]](diffhunk://#diff-b5d958eae48fd1919e5623bcf0144aac7abb323ae8743e6f31367e383c63c296R109-R110) [[3]](diffhunk://#diff-20bb91909627a12b50b3c165a2a027b663479c0104ed8dbf91d2b9ad8ea8a931R74-R77) [[4]](diffhunk://#diff-20bb91909627a12b50b3c165a2a027b663479c0104ed8dbf91d2b9ad8ea8a931R157-R172) [[5]](diffhunk://#diff-20bb91909627a12b50b3c165a2a027b663479c0104ed8dbf91d2b9ad8ea8a931R225-R229) [[6]](diffhunk://#diff-fb612a3b7a13156aaa607b27d23025e2c6831f111b6a582fd313fad26d2fdb5bR89-R92) **Redis Credential Management:** - Introduced support for using external secrets for Redis passwords by adding `secretName` and `passwordKey` fields under `redis.external` in `values.yaml`, and logic to inject `REDIS_PASSWORD` from a Kubernetes secret if configured. [[1]](diffhunk://#diff-b5d958eae48fd1919e5623bcf0144aac7abb323ae8743e6f31367e383c63c296R180-R182) [[2]](diffhunk://#diff-5c4fa358b10abd7581188995feb9b4d6be0bc4f06a95bf27bb31b5595d6693d8R92-R100) [[3]](diffhunk://#diff-20bb91909627a12b50b3c165a2a027b663479c0104ed8dbf91d2b9ad8ea8a931R157-R172) [[4]](diffhunk://#diff-20bb91909627a12b50b3c165a2a027b663479c0104ed8dbf91d2b9ad8ea8a931R196-R205) [[5]](diffhunk://#diff-fb612a3b7a13156aaa607b27d23025e2c6831f111b6a582fd313fad26d2fdb5bR70-R79) - Updated the logic for constructing the `REDIS_URL` to include authentication information if a password is set or an external secret is used. **Database Migration Workflow:** - Improved the startup command for the server deployment to optionally skip database migrations (using `DISABLE_DB_MIGRATIONS`), check for an existing schema before running migrations, and ensure setup scripts are only run on empty databases. These changes make the chart more flexible and secure, especially for production deployments requiring externalized secrets and custom environment configurations. --------- Co-authored-by: Charles Bochet <charles@twenty.com>