You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
32 lines
1.3 KiB
YAML
32 lines
1.3 KiB
YAML
---
|
|
# store the secret-name as var
|
|
# in my case, the name was very long and containing a lot of fields
|
|
# so it helps me a lot
|
|
{{- $secret_name := "your-secret-name" -}}
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: "{{ $secret_name }}"
|
|
data:
|
|
# try to get the old secret
|
|
# keep in mind, that a dry-run only returns an empty map
|
|
{{- $old_sec := lookup "v1" "Secret" .Release.Namespace $secret_name }}
|
|
|
|
# check, if a secret is already set
|
|
{{- if or (or (not $old_sec) (not $old_sec.data)) (not (index $old_sec.data "JWT_SECRET")) }}
|
|
# if not set, then generate a new password
|
|
JWT_SECRET: {{ randAlphaNum 32 | b64enc }}
|
|
{{ else }}
|
|
# if set, then use the old value
|
|
JWT_SECRET: {{ index $old_sec.data "JWT_SECRET" }}
|
|
{{ end }}
|
|
|
|
ADMIN_PASSWORD: "{{ .Values.connect.database.password | b64enc}}"
|
|
DATASOURCE_USERNAME: "{{ .Values.connect.database.username | b64enc }}"
|
|
DATASOURCE_PASSWORD: "{{ .Values.connect.database.password | b64enc }}"
|
|
ELASTIC_USERNAME: "{{ .Values.connect.database.username | b64enc }}"
|
|
ELASTIC_PASSWORD: "{{ .Values.connect.database.password | b64enc }}"
|
|
OIDC_CLIENT_SECRET: "{{ .Values.connect.oidc.client_secret | b64enc }}"
|
|
MAIL_USER: "{{ .Values.connect.mail.username | b64enc }}"
|
|
MAIL_PASSWORD: "{{ .Values.connect.mail.password | b64enc }}"
|