feat(cluster): add support for env and envFrom

- introduce `cluster.env` and `cluster.envFrom` in values.yaml
- render them conditionally in templates/cluster.yaml under the Postgres container

Author: Sahaquielxo

charts/cloudnative-pg/README.md

@@ -81,3 +81,5 @@ CloudNativePG Operator Helm Chart
 | updateStrategy | object | `{}` | Update strategy for the operator. ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy For example:  type: RollingUpdate  rollingUpdate:    maxSurge: 25%    maxUnavailable: 25% |
 | webhook | object | `{"livenessProbe":{"initialDelaySeconds":3},"mutating":{"create":true,"failurePolicy":"Fail"},"port":9443,"readinessProbe":{"initialDelaySeconds":3},"startupProbe":{"failureThreshold":6,"periodSeconds":5},"validating":{"create":true,"failurePolicy":"Fail"}}` | The webhook configuration. |
 
+----------------------------------------------
+Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)

charts/cluster/README.md

@@ -155,6 +155,8 @@ refer to  the [CloudNativePG Documentation](https://cloudnative-pg.io/documentat
 | cluster.certificates | object | `{}` | The configuration for the CA and related certificates. See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-CertificatesConfiguration |
 | cluster.enablePDB | bool | `true` | Allow to disable PDB, mainly useful for upgrade of single-instance clusters or development purposes See: https://cloudnative-pg.io/documentation/current/kubernetes_upgrade/#pod-disruption-budgets |
 | cluster.enableSuperuserAccess | bool | `true` | When this option is enabled, the operator will use the SuperuserSecret to update the postgres user password. If the secret is not present, the operator will automatically create one. When this option is disabled, the operator will ignore the SuperuserSecret content, delete it when automatically created, and then blank the password of the postgres user by setting it to NULL. |
+| cluster.env | list | `[]` | Env follows the Env format to pass environment variables to the pods created in the cluster |
+| cluster.envFrom | list | `[]` | EnvFrom follows the EnvFrom format to pass environment variables sources to the pods to be used by Env |
 | cluster.imageCatalogRef | object | `{}` | Reference to `ImageCatalog` of `ClusterImageCatalog`, if specified takes precedence over `cluster.imageName` |
 | cluster.imageName | string | `""` | Name of the container image, supporting both tags (<image>:<tag>) and digests for deterministic and repeatable deployments: <image>:<tag>@sha256:<digestValue> |
 | cluster.imagePullPolicy | string | `"IfNotPresent"` | Image pull policy. One of Always, Never or IfNotPresent. If not defined, it defaults to IfNotPresent. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images |
@@ -307,3 +309,5 @@ TODO
 * IAM Role for S3 Service Account
 * Automatic provisioning of a Alert Manager configuration
 
+----------------------------------------------
+Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)

charts/cluster/templates/cluster.yaml

@@ -42,6 +42,14 @@ spec:
   affinity:
     {{- toYaml . | nindent 4 }}
   {{- end }}
+  {{- if .Values.cluster.env }}
+  env:
+  {{ toYaml .Values.cluster.env | indent 4 }}
+  {{- end }}
+  {{- if .Values.cluster.envFrom }}
+  envFrom:
+  {{ toYaml .Values.cluster.envFrom | indent 4 }}
+  {{- end }}
   {{- if .Values.cluster.priorityClassName }}
   priorityClassName: {{ .Values.cluster.priorityClassName }}
   {{- end }}

charts/cluster/values.schema.json

@@ -1,5 +1,5 @@
 {
-    "$schema": "http://json-schema.org/schema#",
+    "$schema": "https://json-schema.org/draft/2020-12/schema",
     "type": "object",
     "properties": {
         "backups": {
@@ -193,6 +193,12 @@
                 "enableSuperuserAccess": {
                     "type": "boolean"
                 },
+                "env": {
+                    "type": "array"
+                },
+                "envFrom": {
+                    "type": "array"
+                },
                 "imageCatalogRef": {
                     "type": "object"
                 },

charts/cluster/values.yaml

@@ -249,6 +249,32 @@ cluster:
   affinity:
     topologyKey: topology.kubernetes.io/zone
 
+  # -- Env follows the Env format to pass environment variables to the pods created in the cluster
+  env: []
+    # - name: MY_CUSTOM_FLAG
+    #   value: "enabled"
+    # - name: MY_CUSTROM_ENV
+    #   valueFrom:
+    #     configMapKeyRef:
+    #       name: my-custom-env
+    #       key: env
+    #       optional: true
+    # - name: MY_CUSTOM_SECRET_ENV
+    #   valueFrom:
+    #     secretKeyRef:
+    #       name: my-custom-secret
+    #       key: secret
+    #       optional: true
+
+  # -- EnvFrom follows the EnvFrom format to pass environment variables sources to the pods to be used by Env
+  envFrom: []
+    # - configMapRef:
+    #     name: global-envs
+    #     optional: true
+    # - secretRef:
+    #     name: db-credentials
+    #     optional: true
+
   # -- The configuration for the CA and related certificates.
   # See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-CertificatesConfiguration
   certificates: {}