mirrors/oneuptime
1
0
Fork 0
mirror of https://github.com/OneUptime/oneuptime synced 2024-11-21 22:59:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1725 from fzamperin/master

Browse Source 
Refactor changing secret values from data to stringData
This commit is contained in:
Simon Larsen 2024-10-01 16:51:44 +01:00 committed by GitHub
commit cc0670c291
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 20 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
HelmChart/Public/oneuptime/templates/secrets.yaml
View File

@ -5,33 +5,32 @@ metadata:
annotations:
"helm.sh/resource-policy": "keep"
type: Opaque
data:
stringData:
## Secrets Change when the release is upgraded
## https://github.com/helm/helm-www/issues/1259
## This is a workaround to keep the secrets unchanged
{{- if .Release.IsUpgrade }}
internal-smtp: {{ index (lookup "v1" "Secret" $.Release.Namespace (printf "%s-secrets" $.Release.Name)).data "internal-smtp" }}
oneuptime-secret: {{ index (lookup "v1" "Secret" $.Release.Namespace (printf "%s-secrets" $.Release.Name)).data "oneuptime-secret" }}
encryption-secret: {{ index (lookup "v1" "Secret" $.Release.Namespace (printf "%s-secrets" $.Release.Name)).data "encryption-secret" }}
internal-smtp: {{ index (lookup "v1" "Secret" $.Release.Namespace (printf "%s-secrets" $.Release.Name)).data "internal-smtp" | b64dec }}
oneuptime-secret: {{ index (lookup "v1" "Secret" $.Release.Namespace (printf "%s-secrets" $.Release.Name)).data "oneuptime-secret" | b64dec }}
encryption-secret: {{ index (lookup "v1" "Secret" $.Release.Namespace (printf "%s-secrets" $.Release.Name)).data "encryption-secret" | b64dec }}
{{- range $key, $val := $.Values.probes }}
{{- if (index (lookup "v1" "Secret" $.Release.Namespace (printf "%s-secrets" $.Release.Name)).data (printf "probe-%s" $key)) }}
{{printf "probe-%s" $key}}: {{ (index (lookup "v1" "Secret" $.Release.Namespace (printf "%s-secrets" $.Release.Name)).data (printf "probe-%s" $key)) }}
{{printf "probe-%s" $key}}: {{ (index (lookup "v1" "Secret" $.Release.Namespace (printf "%s-secrets" $.Release.Name)).data (printf "probe-%s" $key) | b64dec) }}
{{ else }}
{{printf "probe-%s" $key}}: {{ randAlphaNum 32 | b64enc | quote }}
{{printf "probe-%s" $key}}: {{ randAlphaNum 32 | quote }}
{{- end }}
{{- end }}
{{ else }} # install operation
internal-smtp: {{ randAlphaNum 32 | b64enc | quote }}
oneuptime-secret: {{ randAlphaNum 32 | b64enc | quote }}
encryption-secret: {{ randAlphaNum 32 | b64enc | quote }}
internal-smtp: {{ randAlphaNum 32 | quote }}
oneuptime-secret: {{ randAlphaNum 32 | quote }}
encryption-secret: {{ randAlphaNum 32 | quote }}
{{- range $key, $val := $.Values.probes }}
{{printf "probe-%s" $key}}: {{ randAlphaNum 32 | b64enc | quote }}
{{printf "probe-%s" $key}}: {{ randAlphaNum 32 | quote }}
{{- end }}
{{ end }}
@ -46,27 +45,27 @@ metadata:
annotations:
"helm.sh/resource-policy": "keep"
type: Opaque
data:
stringData:
key: "postgres"
{{- if $.Values.externalPostgres.password }}
## Add secret here for externalPostgresPassword
password: {{ $.Values.externalPostgres.password | b64enc | quote }}
password: {{ $.Values.externalPostgres.password | quote }}
{{- end }}
{{- if $.Values.externalPostgres.ssl.enabled -}}
## Add secret here for externalPostgresPassword
{{- if $.Values.externalPostgres.ssl.ca }}
ssl-ca: {{ printf "%s" $.Values.externalPostgres.ssl.ca | b64enc | quote }}
ssl-ca: {{ printf "%s" $.Values.externalPostgres.ssl.ca | quote }}
{{- end }}
{{- if $.Values.externalPostgres.ssl.cert }}
ssl-cert: {{ printf "%s" $.Values.externalPostgres.ssl.cert | b64enc | quote }}
ssl-cert: {{ printf "%s" $.Values.externalPostgres.ssl.cert | quote }}
{{- end }}
{{- if $.Values.externalPostgres.ssl.key }}
ssl-key: {{ printf "%s" $.Values.externalPostgres.ssl.key | quote | b64enc | quote }}
ssl-key: {{ printf "%s" $.Values.externalPostgres.ssl.key | quote }}
{{- end }}
{{- end -}}
@ -84,28 +83,28 @@ metadata:
annotations:
"helm.sh/resource-policy": "keep"
type: Opaque
data:
stringData:
key: "redis"
{{- if $.Values.externalRedis.password }}
## Add secret here for externalRedisPassword
password: {{ $.Values.externalRedis.password | b64enc | quote }}
password: {{ $.Values.externalRedis.password | quote }}
{{- end }}
{{- if $.Values.externalRedis.tls.enabled -}}
## Add secret here for externalRedisPassword
{{- if $.Values.externalRedis.tls.ca }}
tls-ca: {{ printf "%s" $.Values.externalRedis.tls.ca | b64enc | quote }}
tls-ca: {{ printf "%s" $.Values.externalRedis.tls.ca | quote }}
{{- end }}
{{- if $.Values.externalRedis.tls.cert }}
tls-cert: {{ printf "%s" $.Values.externalRedis.tls.cert | b64enc | quote }}
tls-cert: {{ printf "%s" $.Values.externalRedis.tls.cert | quote }}
{{- end }}
{{- if $.Values.externalRedis.tls.key }}
tls-key: {{ printf "%s" $.Values.externalRedis.tls.key | quote | b64enc | quote }}
tls-key: {{ printf "%s" $.Values.externalRedis.tls.key | quote }}
{{- end }}
{{- end -}}