feat: Helm chart secret optimisations + use longhorn

[sam1357]

No description provided.

[github-actions]

🎯 Helmfile Diff (prod)

⚠️ Changes detected:

Adding repo chartmuseum https://chartmuseum.masterofcubesau.com
"chartmuseum" has been added to your repositories

Comparing release=macroservices, chart=chartmuseum/generic-app, namespace=macroservices-prod
macroservices-prod, macroservices-backend, Deployment (apps) has changed:
  # Source: generic-app/templates/deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    name: macroservices-backend
    namespace: macroservices-prod
  spec:
    selector:
      matchLabels:
        app: macroservices-backend
    replicas: 1
    template:
      metadata:
        labels:
          app: macroservices-backend
      spec:
        containers:
          - name: macroservices-backend
            image: mocbotau/cloud:macroservices-backend-prod
            imagePullPolicy: Always
            ports:
              - containerPort: 80
            readinessProbe:
              httpGet:
                path: /api/v3/healthcheck
                port: 8000
              initialDelaySeconds: 5
              periodSeconds: 10
              timeoutSeconds: 1
            envFrom:
              - configMapRef:
                  name: env-macroservices-backend
            volumeMounts:
-             - name: vol-backend-data
+             - name: macroservices-backend-data-longhorn
                mountPath: /app/persistence
                readOnly: false
              - name: secrets-macroservices-backend
                mountPath: /secrets
                readOnly: true
        volumes:
-         - name: vol-backend-data
+         - name: macroservices-backend-data-longhorn
            persistentVolumeClaim:
-             claimName: vol-backend-data
+             claimName: macroservices-backend-data-longhorn
          - name: secrets-macroservices-backend
            csi:
              driver: secrets-store.csi.k8s.io
              readOnly: true
              volumeAttributes:
                secretProviderClass: secrets-macroservices-backend
macroservices-prod, macroservices-frontend, Deployment (apps) has changed:
  # Source: generic-app/templates/deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    name: macroservices-frontend
    namespace: macroservices-prod
  spec:
    selector:
      matchLabels:
        app: macroservices-frontend
    replicas: 1
    template:
      metadata:
        labels:
          app: macroservices-frontend
      spec:
        containers:
          - name: macroservices-frontend
            image: mocbotau/cloud:macroservices-frontend-prod
            imagePullPolicy: Always
            ports:
              - containerPort: 80
            readinessProbe:
              httpGet:
                path: /
                port: 3000
              initialDelaySeconds: 5
              periodSeconds: 10
              timeoutSeconds: 1
            envFrom:
              - configMapRef:
                  name: env-macroservices-frontend
              - secretRef:
                  name: secrets-macroservices-frontend
            volumeMounts:
-             - name: vol-frontend-data
+             - name: macroservices-frontend-data-longhorn
                mountPath: /app/persistence
                readOnly: false
              - name: secrets-macroservices-frontend
                mountPath: /secrets
                readOnly: true
        volumes:
-         - name: vol-frontend-data
+         - name: macroservices-frontend-data-longhorn
            persistentVolumeClaim:
-             claimName: vol-frontend-data
+             claimName: macroservices-frontend-data-longhorn
          - name: secrets-macroservices-frontend
            csi:
              driver: secrets-store.csi.k8s.io
              readOnly: true
              volumeAttributes:
                secretProviderClass: secrets-macroservices-frontend
macroservices-prod, secrets-macroservices-frontend, SecretProviderClass (secrets-store.csi.x-k8s.io) has changed:
  # Source: generic-app/templates/secrets.yaml
  apiVersion: secrets-store.csi.x-k8s.io/v1
  kind: SecretProviderClass
  metadata:
    name: secrets-macroservices-frontend
    namespace: macroservices-prod
  spec:
    provider: infisical
    parameters:
      infisicalUrl: https://infisical.masterofcubesau.com
      authMethod: kubernetes
      useDefaultAudience: "true"
      identityId: 914bf541-154a-498e-abc8-25955b59dcb6
      projectId: 1523620a-e2b9-4772-a5b3-99db47e19172
      envSlug: prod
      secrets: |
        - secretPath: "/"
          fileName: "backend-api-key"
          secretKey: "BACKEND_API_KEY"
        - secretPath: "/"
-         fileName: "cookie-key"
+         fileName: "next-public-cookie-key"
          secretKey: "NEXT_PUBLIC_COOKIE_KEY"
        - secretPath: "/"
          fileName: "mail-user"
          secretKey: "MAIL_USER"
        - secretPath: "/"
          fileName: "mail-pass"
          secretKey: "MAIL_PASS"
        - secretPath: "/"
          fileName: "nextauth-secret"
          secretKey: "NEXTAUTH_SECRET"
        - secretPath: "/"
          fileName: "google-client-id"
          secretKey: "GOOGLE_CLIENT_ID"
        - secretPath: "/"
          fileName: "google-client-secret"
          secretKey: "GOOGLE_CLIENT_SECRET"
        - secretPath: "/"
          fileName: "github-client-id"
          secretKey: "GITHUB_CLIENT_ID"
        - secretPath: "/"
          fileName: "github-client-secret"
          secretKey: "GITHUB_CLIENT_SECRET"
    secretObjects:
      - secretName: secrets-macroservices-frontend
        type: Opaque
        data:
          - objectName: "backend-api-key"
            key: "BACKEND_API_KEY"
-         - objectName: "cookie-key"
+         - objectName: "next-public-cookie-key"
            key: "NEXT_PUBLIC_COOKIE_KEY"
          - objectName: "mail-user"
            key: "MAIL_USER"
          - objectName: "mail-pass"
            key: "MAIL_PASS"
          - objectName: "nextauth-secret"
            key: "NEXTAUTH_SECRET"
          - objectName: "google-client-id"
            key: "GOOGLE_CLIENT_ID"
          - objectName: "google-client-secret"
            key: "GOOGLE_CLIENT_SECRET"
          - objectName: "github-client-id"
            key: "GITHUB_CLIENT_ID"
          - objectName: "github-client-secret"
            key: "GITHUB_CLIENT_SECRET"
macroservices-prod, vol-backend-data, PersistentVolumeClaim (v1) has been removed:
- # Source: generic-app/templates/volume.yaml
- apiVersion: v1
- kind: PersistentVolumeClaim
- metadata:
-   name: vol-backend-data
-   namespace: macroservices-prod
- spec:
-   accessModes:
-     - ReadWriteOnce
-   storageClassName: local-path
-   resources:
-     requests:
-       storage: 1Gi
+ 
macroservices-prod, vol-frontend-data, PersistentVolumeClaim (v1) has been removed:
- # Source: generic-app/templates/volume.yaml
- apiVersion: v1
- kind: PersistentVolumeClaim
- metadata:
-   name: vol-frontend-data
-   namespace: macroservices-prod
- spec:
-   accessModes:
-     - ReadWriteOnce
-   storageClassName: local-path
-   resources:
-     requests:
-       storage: 1Gi
+ 
macroservices-prod, macroservices-backend-data-longhorn, PersistentVolumeClaim (v1) has been added:
- 
+ # Source: generic-app/templates/volume.yaml
+ apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+   name: macroservices-backend-data-longhorn
+   namespace: macroservices-prod
+ spec:
+   accessModes:
+     - ReadWriteOncePod
+   storageClassName: longhorn
+   resources:
+     requests:
+       storage: 1Gi
macroservices-prod, macroservices-frontend-data-longhorn, PersistentVolumeClaim (v1) has been added:
- 
+ # Source: generic-app/templates/volume.yaml
+ apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+   name: macroservices-frontend-data-longhorn
+   namespace: macroservices-prod
+ spec:
+   accessModes:
+     - ReadWriteOncePod
+   storageClassName: longhorn
+   resources:
+     requests:
+       storage: 1Gi

Affected releases are:
  macroservices (chartmuseum/generic-app) UPDATED

Identified at least one change