From 365334cea76ebff6e78f71fd4b1828f00462dda5 Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch" <dustin@hatch.name>
Date: Wed, 29 May 2024 09:36:30 -0500
Subject: [PATCH] xactfetch: Provide Vaultwarden password for sync

Vaultwarden has started prompting for the master password occasionally
when syncing the vault.  Thus, we need to make sure it is available in
the _sync_ container, by mounting the secret and providing the
`PINENTRY_PASSWORD_FILE` environment variable.
---
 xactfetch/xactfetch.yaml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/xactfetch/xactfetch.yaml b/xactfetch/xactfetch.yaml
index 8973d93..930c305 100644
--- a/xactfetch/xactfetch.yaml
+++ b/xactfetch/xactfetch.yaml
@@ -38,12 +38,18 @@ spec:
             command:
             - rbw
             - sync
+            envFrom:
+            - configMapRef:
+                name: xactfetch
             securityContext:
               readOnlyRootFilesystem: true
             volumeMounts:
             - mountPath: /etc/rbw
               name: xactfetch-rbw
               readOnly: true
+            - mountPath: /run/secrets/xactfetch
+              name: xactfetch-secrets
+              readOnly: true
             - mountPath: /tmp
               name: tmp
               subPath: tmp
@@ -71,6 +77,8 @@ spec:
             - mountPath: /var/lib/xactfetch
               name: xactfetch-data
               subPath: data
+          nodeSelector:
+            kubernetes.io/arch: amd64
           securityContext:
             fsGroup: 2468
             runAsNonRoot: true