# ask-ai

lorenzo tenti

03/06/2024, 4:39 PM
How do I use envSecrets in Helm deployments?


03/06/2024, 4:39 PM
To use
in Helm deployments for Dagster, you can specify secrets that should be included as environment variables in your Kubernetes Pods. This is particularly useful for injecting sensitive information such as database passwords or API keys into your application without hardcoding them into your source code or Docker images. Here's a step-by-step guide based on the documentation: 1. Add the Dagster Helm repository: First, you need to add the Dagster Helm repository to your Helm client if you haven't already done so:
Copy code
helm repo add dagster-cloud <>    helm repo update
2. View the Helm chart values: To understand the different customizations you can apply, including how to configure
, you can view the chart's default values:
Copy code
helm show values dagster-cloud/dagster-cloud-agent
Alternatively, you can view the chart values on ArtifactHub. 3. Configure
: In your Helm values file, you can specify the
under the appropriate section. For example, if you want to add secrets to all Kubernetes Pods spun up by the agent, you can specify your configuration under the
value of the Helm chart. Here's an example snippet from a Helm values file:
Copy code
yaml    workspace:      envSecrets:        - name: my-secret
In this example,
is the name of the Kubernetes Secret you want to inject into your Pods. 4. Reference the Secret in a Pod: The documentation provides an example of how to reference a Secret in a Pod's specification:
Copy code
yaml    apiVersion: v1    kind: Pod    metadata:      name: my-app    spec:      containers:        - name: my-container          image: my-image          env:            - name: DB_PASSWORD              valueFrom:                secretKeyRef:                  name: app-secrets                  key: DB_PASSWORD
In this example, the
environment variable is set to the value of the
key in the
Secret. 5. Deploy or update your Helm release: Once you have configured the
in your values file, you can deploy or update your Helm release with the new configuration:
Copy code
helm upgrade --install my-release dagster-cloud/dagster-cloud-agent -f my-values.yaml
Remember to replace
, and other placeholders with your actual release name and values file. Also, ensure that the Kubernetes Secret (
in the example) exists in the same namespace where you are deploying your Helm release. For more detailed information and options, you should refer to the specific documentation for the Dagster Helm chart and Kubernetes Secrets.