---
apiVersion: v1
kind: Secret
metadata:
  name: "connect-secrets"
  annotations:
    "helm.sh/resource-policy": "keep"
{{- $previous := lookup "v1" "Secret" .Release.Namespace "connect-secrets" }}
data:
  {{- if $previous }}
  {{- $previousSecret := index $previous "data" "SOME_SECRET" }}
  {{- if $previousSecret }}
  SOME_SECRET_OLD: {{ $previousSecret }}
  SOME_SECRET_OLD1: {{ $previousSecret }}
  {{- end }}
  SOME_SECRET: {{ $previous.data.SOME_SECRET }}
  {{- else if .Values.connect.jwt.secret }}
  SOME_SECRET: {{ .Values.connect.jwt.secret | b64enc | quote }}
  {{- else }}
  SOME_SECRET: {{ randAlphaNum 32 | b64enc | quote }}
  {{- end }}

  JWT_SECRET: "{{ .Values.connect.jwt.secret | b64enc }}"
  ADMIN_PASSWORD: "{{ .Values.connect.database.password | b64enc }}"
  DATASOURCE_USERNAME: "{{ .Values.connect.database.username | b64enc }}"
  DATASOURCE_PASSWORD: "{{ .Values.connect.database.password | b64enc }}"
  ELASTIC_USERNAME: "{{ .Values.connect.database.username | b64enc }}"
  ELASTIC_PASSWORD: "{{ .Values.connect.database.password | b64enc }}"
  OIDC_CLIENT_SECRET: "{{ .Values.connect.oidc.client_secret | b64enc }}"
  MAIL_USER: "{{ .Values.connect.mail.username | b64enc }}"
  MAIL_PASSWORD: "{{ .Values.connect.mail.password | b64enc }}"

  TEST: "1"