kubernetes/firefly-iii/kustomization.yaml

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

labels:
- pairs:
    app.kubernetes.io/instance: firefly-iii

namespace: firefly-iii

resources:
- secrets.yaml
- redis.yaml
- firefly-iii.yaml
- ingress.yaml
- importer.yaml
- importer-ingress.yaml

configMapGenerator:
- name: firefly-iii
  envs:
  - firefly-iii.env
  options:
    disableNameSuffixHash: true
- name: firefly-iii-importer
  envs:
  - firefly-iii-importer.env

patches:
# This patch changes the source secret for the PostgreSQL database
# password from the default (`db.password` inside `firefly-iii`) to
# a secret managed by the postgres operator.
- patch: |-
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: firefly-iii
    spec:
      template:
        spec:
          containers:
          - name: firefly-iii
            env:
            - name: DB_PASSWORD_FILE
              value: /run/secrets/postgresql/password
            volumeMounts:
            - name: db-secret
              mountPath: /run/secrets/postgresql
              readOnly: true
          volumes:
          - name: db-secret
            secret:
              secretName: firefly-iii.firefly.default.credentials.postgresql.acid.zalan.do
              defaultMode: 0440