Re: [PR] Don't render any etcd resources if etcd is not being used [apisix-helm-chart]

Tue, 23 Dec 2025 15:18:26 -0800 


gamer22026 commented on PR #927:
URL: 
https://github.com/apache/apisix-helm-chart/pull/927#issuecomment-3688193395

   # Code Explanation
   
   ## File: `./etcd-secret.yaml`
   **Line 1:**
   ```yaml
   {{- if and (or (and .Values.etcd.enabled .Values.etcd.auth.rbac.create) (and 
(not .Values.etcd.enabled) .Values.externalEtcd.user)) (or (and 
.Values.apisix.deployment.role_traditional (eq 
.Values.apisix.deployment.role_traditional.config_provider "etcd")) (and 
.Values.apisix.deployment.role_data_plane (eq 
.Values.apisix.deployment.role_data_plane.config_provider "etcd")) (and 
.Values.apisix.deployment.role_control_plane (eq 
.Values.apisix.deployment.role_control_plane.config_provider "etcd"))) }}
   ```
   **Explanation:**
   This line is a Helm template conditional directive. It acts as a guard to 
decide whether the entire `Secret` resource defined in this file should be 
rendered.
   
   The condition evaluates to `true` (and thus generates the Secret) if:
   1.  **ETCD Auth is needed:** Either the in-chart ETCD is enabled with RBAC 
(`etcd.enabled` AND `etcd.auth.rbac.create`) OR an external ETCD user is 
provided (`externalEtcd.user`).
       *AND*
   2.  **APISIX uses ETCD:** The APISIX deployment role (Traditional, Data 
Plane, or Control Plane) is explicitly configured to use "etcd" as its 
`config_provider`.
   
   ## File: `./deployment.yaml`
   **Line 95:**
   ```yaml
   {{- if and (or (and .Values.etcd.enabled .Values.etcd.auth.rbac.create) (and 
(not .Values.etcd.enabled) .Values.externalEtcd.user)) (or (and 
.Values.apisix.deployment.role_traditional (eq 
.Values.apisix.deployment.role_traditional.config_provider "etcd")) (and (not 
.Values.apisix.deployment.role_traditional) (or (and 
.Values.apisix.deployment.role_data_plane (eq 
.Values.apisix.deployment.role_data_plane.config_provider "etcd")) (and 
.Values.apisix.deployment.role_control_plane (eq 
.Values.apisix.deployment.role_control_plane.config_provider "etcd"))))) }}
   ```
   **Explanation:**
   This line uses the same logic as the secret file but is applied within the 
`Deployment` spec. It controls whether the `APISIX_ETCD_PASSWORD` environment 
variable (which would follow this line) is injected into the APISIX container.
   
   It ensures that the application only attempts to load the ETCD password 
environment variable when ETCD authentication is actually configured and 
relevant for the current deployment mode.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to