Fix Gitea Valkey auth: inject password via env var interpolation

Valkey requires authentication. Use additionalConfigFromEnvs to read the password from valkey-credentials secret and interpolate it into the Redis URLs for cache and session config.
2026-03-21 15:58:48 +00:00
parent a3c73dccb0
commit e78807bff1
1 changed files with 9 additions and 2 deletions
--- a/infra/kubernetes/platform/gitea/application.yaml
+++ b/infra/kubernetes/platform/gitea/application.yaml
@@ -32,6 +32,15 @@ spec:
                secretKeyRef:
                  name: gitea-pg-credentials
                  key: password
+            - name: VALKEY_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: valkey-credentials
+                  key: password
+            - name: GITEA__cache__HOST
+              value: redis://:$(VALKEY_PASSWORD)@valkey.platform.svc:6379/0
+            - name: GITEA__session__PROVIDER_CONFIG
+              value: redis://:$(VALKEY_PASSWORD)@valkey.platform.svc:6379/1
          config:
            database:
              DB_TYPE: postgres
@@ -40,10 +49,8 @@ spec:
              USER: gitea
            cache:
              ADAPTER: redis
-              HOST: redis://valkey.platform.svc:6379/0
            session:
              PROVIDER: redis
-              PROVIDER_CONFIG: redis://valkey.platform.svc:6379/1
            server:
              DOMAIN: gitea.coreworlds.io
              ROOT_URL: https://gitea.coreworlds.io