argocd
/
smardigo-mobene
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: secrets

Browse Source
main
Sven Ketelsen 4 years ago
parent 91153130f2
commit 68696ec695
1 changed files with 21 additions and 5 deletions
Show Stats Download Patch File Download Diff File

24
smardigo/templates/connect/secret.yml
Unescape Escape View File

@ -1,6 +1,4 @@
# store the secret-name as var # store the secret-name as variable
# in my case, the name was very long and containing a lot of fields
# so it helps me a lot
{{- $secret_name := "connect-secrets" -}} {{- $secret_name := "connect-secrets" -}}
--- ---
apiVersion: v1 apiVersion: v1
@ -9,8 +7,14 @@ metadata:
name: "{{ $secret_name }}" name: "{{ $secret_name }}"
annotations: annotations:
"helm.sh/resource-policy": "keep" "helm.sh/resource-policy": "keep"
{{- $previous := lookup "v1" "Secret" .Release.Namespace $secret_name }}
data: data:
# try to get the old secrets
# keep in mind, that a dry-run only returns an empty map
{{- $previous := lookup "v1" "Secret" .Release.Namespace $secret_name }}
# check, if a secret is already set
{{- if or (not $previous) (not $previous.data) }}
# if not set, then generate a new password
JWT_SECRET: "{{ .Values.connect.jwt.secret | b64enc }}" JWT_SECRET: "{{ .Values.connect.jwt.secret | b64enc }}"
ADMIN_PASSWORD: "{{ .Values.connect.database.password | b64enc }}" ADMIN_PASSWORD: "{{ .Values.connect.database.password | b64enc }}"
DATASOURCE_USERNAME: "{{ .Values.connect.database.username | b64enc }}" DATASOURCE_USERNAME: "{{ .Values.connect.database.username | b64enc }}"
@ -20,3 +24,15 @@ data:
OIDC_CLIENT_SECRET: "{{ .Values.connect.oidc.client_secret | b64enc }}" OIDC_CLIENT_SECRET: "{{ .Values.connect.oidc.client_secret | b64enc }}"
MAIL_USER: "{{ .Values.connect.mail.username | b64enc }}" MAIL_USER: "{{ .Values.connect.mail.username | b64enc }}"
MAIL_PASSWORD: "{{ .Values.connect.mail.password | b64enc }}" MAIL_PASSWORD: "{{ .Values.connect.mail.password | b64enc }}"
{{ else }}
# if set, then use the old value
JWT_SECRET: "{{ index $old_sec.data "JWT_SECRET" }}"
ADMIN_PASSWORD: "{{ index $old_sec.data "JWT_SECRET" }}"
DATASOURCE_USERNAME: "{{ index $old_sec.data "JWT_SECRET" }}"
DATASOURCE_PASSWORD: "{{ index $old_sec.data "JWT_SECRET" }}"
ELASTIC_USERNAME: "{{ index $old_sec.data "JWT_SECRET" }}"
ELASTIC_PASSWORD: "{{ index $old_sec.data "JWT_SECRET" }}"
OIDC_CLIENT_SECRET: "{{ index $old_sec.data "JWT_SECRET" }}"
MAIL_USER: "{{ index $old_sec.data "JWT_SECRET" }}"
MAIL_PASSWORD: "{{ index $old_sec.data "JWT_SECRET" }}"
{{ end }}

Write Preview
Loading…
Cancel
Save