Skip to content

Commit

Permalink
feat: use a normal k8s secret by default
Browse files Browse the repository at this point in the history
  • Loading branch information
MarshallAsch committed Jun 28, 2024
1 parent 0baffe1 commit ee4b083
Show file tree
Hide file tree
Showing 4 changed files with 59 additions and 29 deletions.
5 changes: 4 additions & 1 deletion charts/music-notifications/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -49,8 +49,11 @@ The following table lists the configurable parameters of the Music-notifications
| `ingress.ingressClassName` | | `"ingress-nginx"` |
| `ingress.url` | | `""` |
| `ingress.annotations` | | `{}` |
| `secret.externalSecretKey` | | `"pms/corp/rclone-config"` |
| `secret.externalSecretKey` | | `""` |
| `secret.annotations` | | `{}` |
| `secret.secretStore.name` | | `""` |
| `secret.secretStore.kind` | | `""` |
| `secret.data` | | `{}` |
| `replicaCount` | | `1` |
| `resources.limits.cpu` | | `"100m"` |
| `resources.limits.memory` | | `"256Mi"` |
Expand Down
33 changes: 33 additions & 0 deletions charts/music-notifications/templates/external-secret.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
{{- if .Values.secret.externalSecretKey }}
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: {{ include "music-notifications.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "music-notifications.labels" . | nindent 4 }}
spec:
refreshInterval: 1h
secretStoreRef:
name: cluster
kind: ClusterSecretStore
target:
name: {{ include "music-notifications.fullname" . }}
template:
engineVersion: v2
metadata:
labels:
{{- include "music-notifications.labels" . | nindent 10 }}
{{- with .Values.secret.annotations }}
annotations:
{{ toYaml . }}
{{- end }}
creationPolicy: Owner
deletionPolicy: Delete
dataFrom:
- extract:
conversionStrategy: Default
decodingStrategy: None
metadataPolicy: None
key: {{ .Values.secret.externalSecretKey | quote }}
{{- end }}
35 changes: 8 additions & 27 deletions charts/music-notifications/templates/secret.yaml
Original file line number Diff line number Diff line change
@@ -1,33 +1,14 @@
{{- if .Values.secret.externalSecretKey }}
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
{{- if not .Values.secret.externalSecretKey }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "music-notifications.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "music-notifications.labels" . | nindent 4 }}
spec:
refreshInterval: 1h
secretStoreRef:
name: cluster
kind: ClusterSecretStore
target:
name: {{ include "music-notifications.fullname" . }}
template:
engineVersion: v2
metadata:
labels:
{{- include "music-notifications.labels" . | nindent 10 }}
{{- with .Values.secret.annotations }}
annotations:
{{ toYaml . }}
{{- end }}
creationPolicy: Owner
deletionPolicy: Delete
dataFrom:
- extract:
conversionStrategy: Default
decodingStrategy: None
metadataPolicy: None
key: {{ .Values.secret.externalSecretKey | quote }}
type: Opaque
{{- with .Values.secret.data }}
data:
{{ toYaml . }}
{{- end }}
{{- end }}
15 changes: 14 additions & 1 deletion charts/music-notifications/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -21,11 +21,24 @@ ingress:
annotations: {}

secret:
externalSecretKey: pms/corp/rclone-config
externalSecretKey: ''

# Custom annotations on the secret
# this is only used for the external secrets
annotations: {}

# this is only used for the external secrets
secretStore:
name: ''
kind: ''

# use this to set the values of the secrets directly
# these values will be mounted as environment variables and should be base64 encoded
data: {}
# SLACK_APP_CLIENT_ID
# SLACK_APP_CLIENT_SECRET
# SLACK_APP_SIGNING_SECRET

replicaCount: 1

resources:
Expand Down

0 comments on commit ee4b083

Please sign in to comment.