srx/fab-city-os-core-chart
1
0
Fork 0
mirror of https://gitlab.fabcity.hamburg/software/fab-city-os-core-chart.git synced 2024-09-19 20:08:53 +02:00
Code Packages Projects Releases Activity

seperated secrets from config

Browse source
This commit is contained in:
Sebastian Wendel 2022-06-22 16:04:02 +02:00
parent effafbeb1d
commit a920db92fd
No known key found for this signature in database
GPG key ID: 1422B7DF78144640
2 changed files with 43 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
templates/secrets-database.yaml Normal file
View file

@ -0,0 +1,18 @@
{{- if and (not .Values.postgresql.enabled) (not .Values.externalDatabase.existingSecret) }}
apiVersion: v1
kind: Secret
metadata:
name: {{ printf "%s-database" (include "common.names.fullname" .) }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: Opaque
data:
{{ include "fcoscore.database.secretPasswordKey" . }}: {{ .Values.externalDatabase.password | b64enc | quote }}
{{ include "fcoscore.database.secretPostgresPasswordKey" . }}: {{ .Values.externalDatabase.postgresPassword | b64enc | quote }}
{{- end }}

25
templates/secrets-fcoscore.yaml Normal file
View file

@ -0,0 +1,25 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" . }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: Opaque
data:
seeds_pw: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s-discourse" (include "common.names.fullname" .)) "key" "seeds_pw" "providedValues" (list "auth.password") "context" $) }}
meili_master_key: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s" (include "common.names.fullname" .)) "key" "meili_master_key" "providedValues" (list "fcoscore.meili_master_key") "context" $) }}
encryption_salt: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s" (include "common.names.fullname" .)) "key" "encryption_salt" "providedValues" (list "fcoscore.encryption_salt") "context" $) }}
secret_key_base: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s" (include "common.names.fullname" .)) "key" "secret_key_base" "providedValues" (list "fcoscore.secret_key_base") "context" $) }}
signing_salt: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s" (include "common.names.fullname" .)) "key" "signing_salt" "providedValues" (list "fcoscore.signing_salt") "context" $) }}
github_token: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s" (include "common.names.fullname" .)) "key" "github_token" "providedValues" (list "fcoscore.github_token") "context" $) }}
web_push_private_key: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s" (include "common.names.fullname" .)) "key" "web_push_private_key" "providedValues" (list "fcoscore.web_push_private_key") "context" $) }}
{{- if and .Values.smtp.enabled .Values.smtp.password (not .Values.smtp.existingSecret) }}
smtp_password: {{ .Values.smtp.password | b64enc | quote }}
smtp_api_key: {{ .Values.smtp.api_key | b64enc | quote }}
{{- end }}