fix(helm-chart): replace envFromSecret with more broad extraEnvFrom

fix(helm-chart): refactored Stateful set for readability.
fix(helm-chart): added missing extra* variables to StatefulSet and README.
fix(helm-chart): added sensible defaults for extra* settings.

deploy/charts/emqx/README.md

@@ -39,7 +39,6 @@ Parameter  | Description | Default Value
 `image.repository` | EMQ X Image repository | `emqx/emqx`
 `image.pullPolicy`  | The image pull policy  | `IfNotPresent`
 `image.pullSecrets `  | The image pull secrets (does not add image pull secrets to deployed pods)  |``[]``
-`envFromSecret` | The name pull a secret in the same kubernetes namespace which contains values that will be added to the environment | `nil`
 `recreatePods` | Forces the recreation of pods during upgrades, which can be useful to always apply the most recent configuration. | `false`
 `persistence.enabled` | Enable EMQX persistence using PVC | `false`
 `persistence.storageClass` | Storage class of backing PVC (uses alpha storage class annotation) | `nil`
@@ -86,6 +85,11 @@ Parameter  | Description | Default Value
 `ingress.wss.hosts` | Ingress hosts for EMQX WSS |    `wss.emqx.local`
 `ingress.wss.tls` | Ingress tls for EMQX WSS |	`[]`
 `ingress.wss.annotations` | Ingress annotations for EMQX WSS |	`{}`
+`extraEnv` | Aditional container env vars | `[]`
+`extraEnvFrom` | Aditional container env from vars (eg. [config map](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/), [secrets](https://kubernetes.io/docs/concepts/configuration/secret/) | `[]`
+`extraArgs` | Additional container executable arguments | `[]`
+`extraVolumes` | Additional container volumes (eg. for mounting certs from secrets) | `[]`
+`extraVolumeMounts` | Additional container volume mounts (eg. for mounting certs from secrets) | `[]`
 
 ## EMQx-specific
 The following table lists the configurable [EMQx](https://www.emqx.io/)-specific parameters of the chart and their default values.

deploy/charts/emqx/templates/StatefulSet.yaml

@@ -3,6 +3,10 @@
   (include (print $.Template.BasePath "/configmap.acl.yaml") .)
   (include (print $.Template.BasePath "/configmap.loadedPlugins.yaml") .)
   (include (print $.Template.BasePath "/configmap.loadedModules.yaml") .) }}
+  ## Compatible with previous misspellings
+{{ $licenseSecretName := coalesce .Values.emqxLicenseSecretName .Values.emqxLicneseSecretName }}
+{{ $image := printf "%s:%s" .Values.image.repository (default .Values.image.tag .Chart.AppVersion) }}
+
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
@@ -67,7 +71,7 @@ spec:
           - key: loaded_plugins
             path: loaded_plugins
       {{- end }}
-      {{- if .Values.emqxLoadedPlugins }}
+      {{- if .Values.emqxLoadedModules }}
       - name: emqx-loaded-modules
         configMap:
           name: {{ include "emqx.fullname" . }}-loaded-modules
@@ -93,15 +97,13 @@ spec:
           claimName: {{ tpl . $ }}
         {{- end }}
       {{- end }}
-      {{- if .Values.emqxLicenseSecretName  }}
-      - name: emqx-license
-        secret:
-          secretName: {{ .Values.emqxLicenseSecretName }}
-      ## Compatible with previous misspellings
-      {{- else if .Values.emqxLicneseSecretName }}
+      {{- if .Values.extraVolumes }}
+{{ toYaml .Values.extraVolumes | indent 6 }}
+      {{- end }}
+      {{- if $licenseSecretName }}
       - name: emqx-license
         secret:
-          secretName: {{ .Values.emqxLicneseSecretName }}
+          secretName: {{ $licenseSecretName }}
       {{- end }}
       serviceAccountName:  {{ include "emqx.fullname" . }}
       {{- if .Values.podSecurityContext.enabled }}
@@ -119,11 +121,7 @@ spec:
       {{- end }}
       containers:
         - name: emqx
-          {{- if .Values.image.tag }}
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
-          {{- else -}}}}
-          image: "{{ .Values.image.repository }}:{{ .Chart.AppVersion }}"
-          {{- end }}
+          image: {{ $image }}
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           {{- if .Values.containerSecurityContext.enabled }}
           securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
@@ -152,8 +150,11 @@ spec:
           - name: ekka
             containerPort: 4370
           envFrom:
-            - configMapRef:
-                name: {{ include "emqx.fullname" . }}-env
+          - configMapRef:
+              name: {{ include "emqx.fullname" . }}-env
+          {{- if .Values.extraEnvFrom }}
+{{ toYaml .Values.extraEnvFrom | indent 10 }}
+          {{- end }}
           env:
           - name: EMQX_NAME
             value: {{ .Release.Name }}
@@ -165,6 +166,9 @@ spec:
             value: {{ include "emqx.fullname" . }}-headless
           - name: EMQX_CLUSTER__K8S__NAMESPACE
             value: {{ .Release.Namespace }}
+          {{- if .Values.extraEnv }}
+{{ toYaml .Values.extraEnv | indent 10 }}
+          {{- end }}
           resources:
 {{ toYaml .Values.resources | indent 12 }}
           volumeMounts:
@@ -185,18 +189,18 @@ spec:
             mountPath: "/opt/emqx/data/loaded_modules"
             subPath: "loaded_modules"
           {{- end }}
-          {{- if .Values.emqxLicenseSecretName  }}
-          - name: emqx-license
-            mountPath: "/opt/emqx/etc/emqx.lic"
-            subPath: "emqx.lic"
-            readOnly: true
-          ## Compatible with previous misspellings
-          {{ else if .Values.emqxLicneseSecretName  }}
+          {{- if $licenseSecretName }}
           - name: emqx-license
             mountPath: "/opt/emqx/etc/emqx.lic"
             subPath: "emqx.lic"
             readOnly: true
           {{ end }}
+          {{- if and .Values.extraVolumes .Values.extraVolumeMounts }}
+{{ toYaml .Values.extraVolumeMounts | indent 10 }}
+          {{- end }}
+          {{- if .Values.extraArgs }}
+          args: {{ toYaml .Values.extraArgs | nindent 10 }}
+          {{- end }}
           readinessProbe:
             httpGet:
               path: /status

deploy/charts/emqx/values.yaml

@@ -22,6 +22,26 @@ recreatePods: false
 # To redeploy a chart with existing PVC(s), the value must be set to Parallel to avoid deadlock
 podManagementPolicy: Parallel
 
+## Aditional container env vars
+##
+extraEnv: []
+
+## Aditional container env from vars
+##
+extraEnvFrom: []
+
+## Additional container executable args
+##
+extraArgs: []
+
+## Additional container volumes (eg. for mounting certs from secrets)
+##
+extraVolumes: []
+
+## Additional container volume mounts (eg. for mounting certs from secrets)
+##
+extraVolumeMounts: []
+
 persistence:
   enabled: false
   size: 20Mi