Skip to content

Add support for pre-created Kubernetes secrets in Helm chart#466

Open
dpacheconr wants to merge 1 commit intonewrelic:mainfrom
dpacheconr:feat/support-pre-created-secrets
Open

Add support for pre-created Kubernetes secrets in Helm chart#466
dpacheconr wants to merge 1 commit intonewrelic:mainfrom
dpacheconr:feat/support-pre-created-secrets

Conversation

@dpacheconr
Copy link

@dpacheconr dpacheconr commented Jan 26, 2026

Summary

Add support for using pre-created Kubernetes secrets with the Helm chart via new customSecretName and customSecretKey values. This enables integration with external secret management tools like External Secrets Operator, Sealed Secrets, and Vault.

Changes

  • Add customSecretName value to reference an existing secret instead of creating one
  • Add customSecretKey value to customize the key name in external secrets (defaults to personalAPIKey)
  • Make secret creation conditional based on customSecretName
  • Add helper functions to determine secret name and key at runtime
  • Update deployment to use configurable secret references
  • Update README with documentation and usage examples
  • Remove deprecated engine: gotpl field from Chart.yaml for Helm v3 compliance
  • Bump chart version to 1.18.0

Backward Compatibility

Fully backward compatible - existing installations continue to work without changes. The default behavior (creating a secret from personalAPIKey) is preserved when customSecretName is not set.

Testing

  • Tested chart linting with both default and custom secret scenarios
  • Verified Helm template rendering for all combinations
  • Tested on live Minikube cluster:
    • Scenario 1: Default personalAPIKey creates secret automatically
    • Scenario 2: Custom secret name skips secret creation and uses external secret

Documentation

Updated README.md with usage examples for External Secrets Operator, Sealed Secrets, Vault, and manual secret creation.

@dpacheconr
feat: add support for pre-created Kubernetes secrets in Helm chart
483eb07 
Allow users to install the chart with externally managed secrets via customSecretName and customSecretKey values. This enables integration with secret management tools like External Secrets Operator, Sealed Secrets, and Vault.

- Add customSecretName and customSecretKey chart values
- Make secret creation conditional based on customSecretName
- Add helper functions for secret resolution
- Update deployment to use configurable secret references
- Add documentation and usage examples

Also removes deprecated engine: gotpl field from Chart.yaml for Helm v3 compliance.

Bump chart version to 1.18.0 (minor version for new feature).
@dpacheconr dpacheconr requested a review from a team as a code owner January 26, 2026 10:00
@mangulonr mangulonr mentioned this pull request Jan 26, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@dpacheconr

Comments