Skip to content

Commit

Permalink
chore(secrets): use configurable refs instead of fixed names (acrylda…
Browse files Browse the repository at this point in the history
…ta#323)

* chore(secrets): use configurable refs instead of fixed names

* Update Chart.yaml

---------

Co-authored-by: david-leifker <114954101+david-leifker@users.noreply.github.com>
  • Loading branch information
2 people authored and Dimitri GRISARD committed Jul 10, 2023
1 parent e146d86 commit f20e15e
Show file tree
Hide file tree
Showing 3 changed files with 10 additions and 7 deletions.
2 changes: 1 addition & 1 deletion charts/datahub/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ description: A Helm chart for LinkedIn DataHub
type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
version: 0.2.169
version: 0.2.170
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application.
appVersion: 0.10.3
Expand Down
5 changes: 3 additions & 2 deletions charts/datahub/templates/datahub-auth-secrets.yml
Original file line number Diff line number Diff line change
@@ -1,13 +1,14 @@
{{- if .Values.global.datahub.metadata_service_authentication.enabled -}}
{{- $secret := lookup "v1" "Secret" .Release.Namespace "datahub-auth-secrets" -}}
{{- $secretRef := .Values.global.datahub.metadata_service_authentication.systemClientSecret.secretRef | required "secretRef required" -}}
{{- $secret := lookup "v1" "Secret" .Release.Namespace $secretRef -}}
{{- $data := $secret.data | default dict -}}
{{- with .Values.global.datahub.metadata_service_authentication.provisionSecrets }}

{{- if .enabled }}
apiVersion: v1
kind: Secret
metadata:
name: "datahub-auth-secrets"
name: {{ $secretRef }}
type: Opaque
data:
{{- if .autoGenerate }}
Expand Down
10 changes: 6 additions & 4 deletions charts/datahub/templates/datahub-encryption-secrets.yml
Original file line number Diff line number Diff line change
@@ -1,16 +1,18 @@
{{- $secret := lookup "v1" "Secret" .Release.Namespace "datahub-encryption-secrets" -}}
{{- $secretRef := .Values.global.datahub.encryptionKey.secretRef | required "secretRef required" -}}
{{- $secretKey := .Values.global.datahub.encryptionKey.secretKey | required "secretKey required" -}}
{{- $secret := lookup "v1" "Secret" .Release.Namespace $secretRef -}}
{{- $data := $secret.data | default dict -}}
{{- with .Values.global.datahub.encryptionKey.provisionSecret }}

{{- if .enabled }}
apiVersion: v1
kind: Secret
metadata:
name: "datahub-encryption-secrets"
name: {{ $secretRef }}
type: Opaque
data:
data:
{{- if .autoGenerate }}
encryption_key_secret: {{ get $data "encryption_key_secret" | default (randAlphaNum 20 | b64enc | quote) }}
encryption_key_secret: {{ get $data $secretKey | default (randAlphaNum 20 | b64enc | quote) }}
{{- else }}
encryption_key_secret: {{ .secretValues.encryptionKey | b64enc | quote }}
{{- end }}
Expand Down

0 comments on commit f20e15e

Please sign in to comment.