|
|
|
|
@ -1,23 +1,23 @@
|
|
|
|
|
# store the secret-name as var
|
|
|
|
|
# in my case, the name was very long and containing a lot of fields
|
|
|
|
|
# so it helps me a lot
|
|
|
|
|
{{- $secret_name := "connect-secrets" -}}
|
|
|
|
|
---
|
|
|
|
|
apiVersion: v1
|
|
|
|
|
kind: Secret
|
|
|
|
|
metadata:
|
|
|
|
|
name: "{{ $secret_name }}"
|
|
|
|
|
name: "connect-secrets"
|
|
|
|
|
annotations:
|
|
|
|
|
"helm.sh/resource-policy": "keep"
|
|
|
|
|
{{- $previous := lookup "v1" "Secret" .Release.Namespace "connect-secrets" }}
|
|
|
|
|
data:
|
|
|
|
|
# retrieve the secret data using lookup function and when not exists, return an empty dictionary / map as result
|
|
|
|
|
{{- $secretObj := (lookup "v1" "Secret" .Release.Namespace "connect-secrets") | default dict }}
|
|
|
|
|
{{- $secretData := (get $secretObj "data") | default dict }}
|
|
|
|
|
# set $jwtSecret to existing secret data or generate a random one when not exists
|
|
|
|
|
{{- $someSecret := (get $secretData "some-secret") | default (randAlphaNum 32 | b64enc) }}
|
|
|
|
|
some-secret: {{ $someSecret | b64enc | quote }}
|
|
|
|
|
some-secret1: {{ $someSecret | b64enc | quote }}
|
|
|
|
|
some-secret2: {{ $someSecret | b64enc | quote }}
|
|
|
|
|
{{- if $previous }}
|
|
|
|
|
{{- $previousSecret := index $previous "data" "some-secret" }}
|
|
|
|
|
{{- if $previousSecret }}
|
|
|
|
|
SOME_SECRET_OLD: {{ $previousSecret }}
|
|
|
|
|
{{- end }}
|
|
|
|
|
SOME_SECRET: {{ $previous.data.SOME_SECRET }}
|
|
|
|
|
{{- else if .Values.connect.jwt.secret }}
|
|
|
|
|
SOME_SECRET: {{ .Values.connect.jwt.secret | b64enc | quote }}
|
|
|
|
|
{{- else }}
|
|
|
|
|
SOME_SECRET: {{ randAlphaNum 32 | b64enc | quote }}
|
|
|
|
|
{{- end }}
|
|
|
|
|
|
|
|
|
|
JWT_SECRET: "{{ .Values.connect.jwt.secret | b64enc }}"
|
|
|
|
|
ADMIN_PASSWORD: "{{ .Values.connect.database.password | b64enc }}"
|
|
|
|
|
|
Sven Ketelsen
4 years ago