PILOT-9638: pilotx chart 1.10.0 — bridge config + GCP Secret Manager toggle #283

Open
vadimsoltan wants to merge 2 commits into main from feature/PILOT-9638-pilotx-bridge-config


@vadimsoltan vadimsoltan commented May 7, 2026

Summary

Adds optional Samba bridge integration to the pilotx chart, gated on appConfig.bridge.enabled. When enabled, the backend deployment receives the env vars needed to expose the internal bridge endpoints and provision per-share SMB password secrets in GCP Secret Manager. Bumps chart 1.9.0 → 1.10.1 and re-packages docs/ index per the README contribution flow.

ADR021 reference

  • §Auth — bridge bearer token shared between backend (validates incoming bridge calls) and bridge VM (presents on outgoing reconcile calls)
  • §Deployment — env-specific bridge_id matches the bridge VM's Terraform module input per environment

What the chart now produces

When appConfig.bridge.enabled=true:

- name: PILOTX_BRIDGE_ID
  value: "lab-dev-samba-bridge"            # from appConfig.bridge.bridgeId
- name: PILOTX_BRIDGE_PASSWORD_SECRET_PREFIX
  value: "project-share"                    # from appConfig.bridge.passwordSecretPrefix
- name: PILOTX_BRIDGE_API_TOKEN
  valueFrom:
    secretKeyRef:
      name: pilotx-bridge-token             # from bridgeSecret.existingSecret
      key: PILOTX_BRIDGE_API_TOKEN          # from bridgeSecret.secretKeys.apiToken

Always (regardless of bridge.enabled):

- name: PILOTX_GCP_SECRETMANAGER_ENABLED
  value: "false"                            # from appConfig.gcp.secretManagerEnabled

Validation

  • appConfig.bridge.enabled=true without bridgeSecret.existingSecret → helm template hard-fails with a clear message
  • appConfig.bridge.enabled=true without appConfig.bridge.bridgeId → hard-fails

Verified with helm template:

  • Default values: bridge env vars omitted, secret-manager toggle = false
  • Enabled with valid config: all four env vars render correctly ✓
  • Enabled with missing required: hard fails ✓

Per-environment values (set by chart consumers)

appConfig:
  bridge:
    enabled: true
    bridgeId: lab-dev-samba-bridge          # or lab-staging-samba-bridge, etc.
  gcp:
    secretManagerEnabled: true
bridgeSecret:
  existingSecret: pilotx-bridge-auth-token  # synced from GCP Secret Manager via External Secrets Operator

The K8s secret should be sourced from GCP Secret Manager (e.g. via External Secrets Operator) and reference the same value as the bridge VM's controller_auth_secret_id Terraform module input.

Test plan

  • helm lint pilotx passes with default values
  • helm template renders correctly with bridge disabled (default)
  • helm template renders correctly with bridge enabled + valid config
  • helm template hard-fails with bridge enabled + missing required fields
  • helm package produces pilotx-1.10.1.tgz
  • helm repo index updates docs/index.yaml without dropping other chart entries

…toggle

Adds optional Samba bridge integration to the pilotx Helm chart, gated on
appConfig.bridge.enabled. When enabled, the backend deployment receives:

  - PILOTX_BRIDGE_ID                    (from appConfig.bridge.bridgeId)
  - PILOTX_BRIDGE_PASSWORD_SECRET_PREFIX (from appConfig.bridge.passwordSecretPrefix)
  - PILOTX_BRIDGE_API_TOKEN             (secretKeyRef into bridgeSecret.existingSecret)

These match the variables wired in pilot-gcp-infra (PILOT-9638) and consumed by the
bridge endpoints PR (PILOT-9633) plus the lifecycle service (PILOT-9632).

Also adds PILOTX_GCP_SECRETMANAGER_ENABLED (always emitted, defaults to false)
gating the backend's per-share password creation in Secret Manager (PILOT-9857).
Should be set to true in any environment where the bridge is enabled.

Validation:
- appConfig.bridge.enabled=true requires bridgeSecret.existingSecret
- appConfig.bridge.enabled=true requires appConfig.bridge.bridgeId

Bumps chart version 1.9.0 -> 1.10.0 and re-packages docs/ index per the
README contribution flow.

Cross-repo dependencies for end-to-end functionality (none of these block
this PR's merge, but bridge integration won't be functional until they all
land):

  - pilotx PR #133 (PILOT-9631 persistence)
  - pilotx PR #134 (PILOT-9632 lifecycle)
  - pilotx PR #135 (PILOT-9633 bridge API)
  - pilotx PR #148 (PILOT-9857 secret manager)
  - pilot-gcp-terraform-modules PRs #27/#28/#29 + 0.2.0 tag
  - pilot-gcp-infra PR #112 (PILOT-9638 env wiring)

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
@vadimsoltan vadimsoltan requested a review from a team as a code owner May 7, 2026 20:13
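
The validation and env-var rules described in this PR, modelled as a values check that can run before `helm template` (an added example, not code from this PR or the pilotx chart). The fallback prefix and token key are assumptions taken from the rendered sample in the description; `render_backend_env` and the sample dicts are hypothetical names.

```python
# Added example: mirrors the rules stated in the PR text; it is not the chart's template code.
# Fallback values are assumptions taken from the rendered sample in the description.
ASSUMED_PREFIX = "project-share"
ASSUMED_TOKEN_KEY = "PILOTX_BRIDGE_API_TOKEN"


def render_backend_env(values):
    """Return (env, warnings) for a values dict, or raise ValueError where the chart hard-fails."""
    app = values.get("appConfig") or {}
    bridge = app.get("bridge") or {}
    secret = values.get("bridgeSecret") or {}
    sm_enabled = bool((app.get("gcp") or {}).get("secretManagerEnabled", False))
    env, warnings = [], []

    if bridge.get("enabled", False):
        # The two hard-fail conditions listed under "Validation".
        if not secret.get("existingSecret"):
            raise ValueError("appConfig.bridge.enabled=true requires bridgeSecret.existingSecret")
        if not bridge.get("bridgeId"):
            raise ValueError("appConfig.bridge.enabled=true requires appConfig.bridge.bridgeId")
        key = (secret.get("secretKeys") or {}).get("apiToken", ASSUMED_TOKEN_KEY)
        env += [
            {"name": "PILOTX_BRIDGE_ID", "value": bridge["bridgeId"]},
            {"name": "PILOTX_BRIDGE_PASSWORD_SECRET_PREFIX",
             "value": bridge.get("passwordSecretPrefix", ASSUMED_PREFIX)},
            # The token is only ever a reference to a Kubernetes Secret, never a literal.
            {"name": "PILOTX_BRIDGE_API_TOKEN",
             "valueFrom": {"secretKeyRef": {"name": secret["existingSecret"], "key": key}}},
        ]
        # The PR lists no hard-fail for this; the commit message says it should be true.
        if not sm_enabled:
            warnings.append("bridge enabled but appConfig.gcp.secretManagerEnabled is false")

    # Emitted regardless of bridge.enabled, as a quoted string.
    env.append({"name": "PILOTX_GCP_SECRETMANAGER_ENABLED", "value": str(sm_enabled).lower()})
    return env, warnings


# Constructed sample values (DEV mirrors the per-environment snippet in the PR).
DEV = {"appConfig": {"bridge": {"enabled": True, "bridgeId": "lab-dev-samba-bridge"},
                     "gcp": {"secretManagerEnabled": True}},
       "bridgeSecret": {"existingSecret": "pilotx-bridge-auth-token"}}
MISSING_SECRET = {"appConfig": {"bridge": {"enabled": True, "bridgeId": "lab-dev-samba-bridge"}}}

if __name__ == "__main__":
    print(render_backend_env(DEV))
```

The warning path covers the one combination the stated validation does not reject: bridge enabled while the Secret Manager toggle is left at its default of false.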