charts/coms/templates/secret.yaml from bcgov/common-object-management-service

charts/coms/templates/secret.yaml
Summary

Maintainability

Test Coverage

Issues
{{- $baPassword := (randAlphaNum 32) }}
{{- $baUsername := (randAlphaNum 32) }}
{{- $dbPassword := (randAlphaNum 32) }}
{{- $dbUsername := (randAlphaNum 32) }}

{{- $baSecretName := printf "%s-%s" (include "coms.fullname" .) "basicauth" }}
{{- $baSecret := (lookup "v1" "Secret" .Release.Namespace $baSecretName ) }}
{{- $dbSecretName := printf "%s-%s" (include "coms.fullname" .) "passphrase" }}
{{- $dbSecret := (lookup "v1" "Secret" .Release.Namespace $dbSecretName ) }}
{{- $kcSecretName := printf "%s-%s" (include "coms.fullname" .) "keycloak" }}
{{- $kcSecret := (lookup "v1" "Secret" .Release.Namespace $kcSecretName ) }}
{{- $osSecretName := printf "%s-%s" (include "coms.fullname" .) "objectstorage" }}
{{- $osSecret := (lookup "v1" "Secret" .Release.Namespace $osSecretName ) }}

{{- if not $baSecret }}
---
apiVersion: v1
kind: Secret
metadata:
  {{- if not .Values.config.releaseScoped }}
  annotations:
    "helm.sh/resource-policy": keep
  {{- end }}
  name: {{ $baSecretName }}
  labels: {{ include "coms.labels" . | nindent 4 }}
type: kubernetes.io/basic-auth
data:
  password: {{ .Values.basicAuthSecretOverride.password | default $baPassword | b64enc | quote }}
  username: {{ .Values.basicAuthSecretOverride.username | default $baUsername | b64enc | quote }}
{{- end }}
{{- if not $dbSecret }}
---
apiVersion: v1
kind: Secret
metadata:
  {{- if not .Values.config.releaseScoped }}
  annotations:
    "helm.sh/resource-policy": keep
  {{- end }}
  name: {{ $dbSecretName }}
  labels: {{ include "coms.labels" . | nindent 4 }}
type: Opaque
data:
  password: {{ .Values.dbSecretOverride.password | default $dbPassword | b64enc | quote }}
  username: {{ .Values.dbSecretOverride.username | default $dbUsername | b64enc | quote }}
{{- end }}
{{- if and (not $kcSecret) (and .Values.keycloakSecretOverride.password .Values.keycloakSecretOverride.username) }}
---
apiVersion: v1
kind: Secret
metadata:
  {{- if not .Values.config.releaseScoped }}
  annotations:
    "helm.sh/resource-policy": keep
  {{- end }}
  name: {{ $kcSecretName }}
  labels: {{ include "coms.labels" . | nindent 4 }}
type: kubernetes.io/basic-auth
data:
  password: {{ .Values.keycloakSecretOverride.password | b64enc | quote }}
  username: {{ .Values.keycloakSecretOverride.username | b64enc | quote }}
{{- end }}
{{- if and .Values.features.defaultBucket (not $osSecret) (and .Values.objectStorageSecretOverride.password .Values.objectStorageSecretOverride.username) }}
---
apiVersion: v1
kind: Secret
metadata:
  {{- if not .Values.config.releaseScoped }}
  annotations:
    "helm.sh/resource-policy": keep
  {{- end }}
  name: {{ $osSecretName }}
  labels: {{ include "coms.labels" . | nindent 4 }}
type: kubernetes.io/basic-auth
data:
  password: {{ .Values.objectStorageSecretOverride.password | b64enc | quote }}
  username: {{ .Values.objectStorageSecretOverride.username | b64enc | quote }}
{{- end }}