|
|
|
|
@ -10,21 +10,11 @@ metadata:
|
|
|
|
|
data:
|
|
|
|
|
# try to get the old secret
|
|
|
|
|
# keep in mind, that a dry-run only returns an empty map
|
|
|
|
|
{{- $old_sec := lookup "v1" "Secret" .Release.Namespace $secret_name }}
|
|
|
|
|
{{- $old_sec := lookup "v1" "Secret" .Release.Namespace $secret_name | default dict }}
|
|
|
|
|
{{- $old_sec_data := (get $old_sec "data") | default dict }}
|
|
|
|
|
|
|
|
|
|
# check, if a secret is already set
|
|
|
|
|
{{- if or (not $old_sec) (not $old_sec.data) }}
|
|
|
|
|
{{- if ($old_sec.data.JWT_SECRET) }}
|
|
|
|
|
# if set, then use the old value
|
|
|
|
|
JWT_SECRET: {{ index $old_sec.data "JWT_SECRET" }}
|
|
|
|
|
{{ else }}
|
|
|
|
|
# if not set, then generate a new password
|
|
|
|
|
JWT_SECRET: {{ randAlphaNum 32 | b64enc }}
|
|
|
|
|
{{ end }}
|
|
|
|
|
{{ else }}
|
|
|
|
|
# if not set, then generate a new password
|
|
|
|
|
JWT_SECRET: {{ randAlphaNum 32 | b64enc }}
|
|
|
|
|
{{ end }}
|
|
|
|
|
{{- $jwtSecret := (get $old_sec_data "JWT_SECRET") | default (randAlphaNum 32 | b64enc) }}
|
|
|
|
|
JWT_SECRET: {{ $jwtSecret | quote }}
|
|
|
|
|
|
|
|
|
|
ADMIN_PASSWORD: "{{ .Values.connect.database.password | b64enc}}"
|
|
|
|
|
DATASOURCE_USERNAME: "{{ .Values.connect.database.username | b64enc }}"
|
|
|
|
|
|
Sven Ketelsen
4 years ago