Grafana could not set secret values in a safe way

[SharpEdgeMarshall]

Is this a request for help?: No

---

Is this a BUG REPORT or FEATURE REQUEST? (choose one): Feature

Version of Helm and Kubernetes: Any

Which chart: Grafana

What happened: Actually the chart allows only to set secret values by inserting them in the grafana.ini value (that will go in the ConfigMap) or setting them in extraEnv value (that will go in cleartext as env vars).

What you expected to happen: I Expect to be able to configure secret values using Kubernetes Secrets

How to reproduce it (as minimally and precisely as possible):

Anything else we need to know:

[ebabani]

This is fixed by #3965

You can set env variables from secrets with extraEnv now.

  extraEnv:
  - name: GF_AUTH_GITHUB_CLIENT_ID
    valueFrom:
      secretKeyRef:
        name: grafana-secret
        key: GF_AUTH_GITHUB_CLIENT_ID

[andybug]

This doesn't work anymore. The change to env from extraEnv only allows you to reference key/values from the values file. There's no way to do a secretKeyRef.

{{- range $key, $value := .Values.env }}
            - name: "{{ $key }}"
              value: "{{ $value }}"
{{- end }}

[ebabani]

@andybug Looks like it was reverted in #4713

Feel free to open a new issue or send the PR again. I won't have time to do it anytime soon.