-
Notifications
You must be signed in to change notification settings - Fork 164
/
Copy pathsecret.yaml
72 lines (72 loc) · 3.44 KB
/
secret.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
{{- if not .Values.existingSecret }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.secrets.name" (dict "defaultNameSuffix" "config" "context" $) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: Opaque
data:
email_password: {{ .Values.email.password | b64enc | quote }}
secret_key: {{ .Values.secretKey | default (randAscii 60) | b64enc | quote }}
{{- if has "netbox.authentication.LDAPBackend" .Values.remoteAuth.backends }}
ldap_bind_password: {{ .Values.remoteAuth.ldap.bindPassword | b64enc | quote }}
{{- end }}
{{- end }}
{{- if not .Values.superuser.existingSecret }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.secrets.name" (dict "defaultNameSuffix" "superuser" "context" $) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: kubernetes.io/basic-auth
data:
username: {{ .Values.superuser.name | default "admin" | b64enc | quote }}
password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "common.secrets.name" (dict "defaultNameSuffix" "superuser" "context" $)) "key" "password" "providedValues" (list "superuser.password") "context" $) }}
email: {{ .Values.superuser.email | b64enc | quote }}
api_token: {{ .Values.superuser.apiToken | default uuidv4 | b64enc | quote }}
{{- end }}
{{- if not (or .Values.postgresql.enabled .Values.externalDatabase.existingSecretName) }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.secrets.name" (dict "defaultNameSuffix" "postgresql" "context" $) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: Opaque
data:
db_password: {{ .Values.externalDatabase.password | b64enc | quote }}
{{- end }}
{{- if not (or .Values.redis.enabled (and .Values.tasksRedis.existingSecretName .Values.cachingRedis.existingSecretName)) }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.secrets.name" (dict "defaultNameSuffix" "redis" "context" $) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: Opaque
data:
{{- if not .Values.tasksRedis.existingSecretName }}
redis_tasks_password: {{ .Values.tasksRedis.password | b64enc | quote }}
{{- end }}
{{- if not .Values.cachingRedis.existingSecretName }}
redis_cache_password: {{ .Values.cachingRedis.password | b64enc | quote }}
{{- end }}
{{- end }}