Skip to content

Commit

Permalink
Merge pull request #21 from cloudkite-io/externalsecret-key
Browse files Browse the repository at this point in the history 
Add secretKey and property to externalsecret values
  • Loading branch information
@mmd-afegbua
mmd-afegbua authored Nov 30, 2023
2 parents d9e7a92 + 73eba49 commit ea27e8f
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 23 deletions.
2 changes: 1 addition & 1 deletion standard-app/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v2
name: standard-app
description: A Helm chart library by Cloudkite
type: application
version: 0.1.0
version: 0.2.0
maintainters:
- email: [email protected]
name: cloudkite
25 changes: 15 additions & 10 deletions standard-app/example.values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,8 +42,7 @@ apps:
args:
- /etc/scripts/script1.sh
secrets:
- SOURCE_PROJECT_ID
- SOURCE_INSTANCE_ID
- secretKey: SOURCE_PROJECT_ID
image: us-central1-docker.pkg.dev/cloudkite-infra-ops/cloudkite-docker-images/app-1
tag: tag-1
imagePullPolicy: None
Expand Down Expand Up @@ -79,6 +78,11 @@ apps:
env:
ENV1: foo
ENV2: bar
secrets:
- secretKey: appsettings.json
property: APPSETTINGS_JSON
- secretKey: SOURCE_PROJECT_ID


# cloudkite-app-2:
# serviceAccount: cloudkite
Expand Down Expand Up @@ -123,10 +127,9 @@ externalSecret:
refreshInterval: 15s

secrets:
- AWS_ACCESS_KEY_ID
- AWS_SECRET_ACCESS_KEY
- AWS_LOCATION

- secretKey: AWS_ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY

# TODO: add AWS Secrets Manager

cronjobs:
Expand Down Expand Up @@ -171,8 +174,9 @@ cronjobs:
args:
- /etc/scripts/script1.sh
secrets:
- SOURCE_PROJECT_ID
- SOURCE_INSTANCE_ID
- secretKey: SOURCE_PROJECT_ID


exampleinitcontainer-2:
image: asdasd
args:
Expand All @@ -189,5 +193,6 @@ cronjobs:
command: ["/bin/sh", "-c"]
args: ["node", "example_app.js"]
secrets:
- MONGO_URL
- POSTGRES_URL
- secretKey: appsettings.json
property: APPSETTINGS_JSON
- secretKey: SOURCE_PROJECT_ID
24 changes: 12 additions & 12 deletions standard-app/templates/configs/externalsecret.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,14 +22,14 @@ spec:
creationPolicy: Owner
data:
{{- range $secret := $appConfig.secrets }}
- secretKey: {{ $secret }}
- secretKey: {{ $secret.secretKey }}
remoteRef:
{{- if eq $.Values.externalSecret.type "gcp" }}
key: {{ $.Release.Name | upper }}_{{ $secret }}
{{- end }}
{{- if eq $.Values.externalSecret.type "vault" }}
key: {{ $.Values.externalSecret.secretPath }}/{{ $.Release.Name }}
property: {{ $secret }}
property: {{ $secret.property | default $secret.secretKey }}
{{- end }}
{{- end }}
---
Expand Down Expand Up @@ -59,14 +59,14 @@ spec:
creationPolicy: Owner
data:
{{- range $secret := $jobConfig.secrets }}
- secretKey: {{ $secret }}
- secretKey: {{ $secret.secretKey }}
remoteRef:
{{- if eq $.Values.externalSecret.type "gcp" }}
key: {{ $.Release.Name | upper }}_{{ $secret }}
{{- end }}
{{- if eq $.Values.externalSecret.type "vault" }}
key: {{ $.Values.externalSecret.secretPath }}/{{ $.Release.Name }}
property: {{ $secret }}
property: {{ $secret.property | default $secret.secretKey }}
{{- end }}
{{- end }}
---
Expand Down Expand Up @@ -95,14 +95,14 @@ spec:
creationPolicy: Owner
data:
{{- range $secret := .Values.secrets }}
- secretKey: {{ $secret }}
- secretKey: {{ $secret.secretKey }}
remoteRef:
{{- if eq $.Values.externalSecret.type "gcp" }}
key: {{ $.Release.Name | upper }}_{{ $secret }}
{{- end }}
{{- if eq $.Values.externalSecret.type "vault" }}
key: {{ $.Values.externalSecret.secretPath }}/{{ $.Release.Name }}
property: {{ $secret }}
property: {{ $secret.property | default $secret.secretKey }}
{{- end }}
{{- end }}
---
Expand Down Expand Up @@ -133,14 +133,14 @@ spec:
creationPolicy: Owner
data:
{{- range $secret := $initContainerConfig.secrets }}
- secretKey: {{ $secret }}
- secretKey: {{ $secret.secretKey }}
remoteRef:
{{- if eq $.Values.externalSecret.type "gcp" }}
key: {{ $.Release.Name | upper }}_{{ $secret }}
{{- end }}
{{- if eq $.Values.externalSecret.type "vault" }}
key: {{ $.Values.externalSecret.secretPath }}/{{ $.Release.Name }}
property: {{ $secret }}
property: {{ $secret.property | default $secret.secretKey }}
{{- end }}
{{- end }}
---
Expand Down Expand Up @@ -170,14 +170,14 @@ spec:
creationPolicy: Owner
data:
{{- range $secret := $containerConfig.secrets }}
- secretKey: {{ $secret }}
- secretKey: {{ $secret.secretKey }}
remoteRef:
{{- if eq $.Values.externalSecret.type "gcp" }}
key: {{ $.Release.Name | upper }}_{{ $secret }}
{{- end }}
{{- if eq $.Values.externalSecret.type "vault" }}
key: {{ $.Values.externalSecret.secretPath }}/{{ $.Release.Name }}
property: {{ $secret }}
property: {{ $secret.property | default $secret.secretKey }}
{{- end }}
{{- end }}
---
Expand Down Expand Up @@ -206,14 +206,14 @@ spec:
creationPolicy: Owner
data:
{{- range $secret := $cronjobConfig.secrets }}
- secretKey: {{ $secret }}
- secretKey: {{ $secret.secretKey }}
remoteRef:
{{- if eq $.Values.externalSecret.type "gcp" }}
key: {{ $.Release.Name | upper }}_{{ $secret }}
{{- end }}
{{- if eq $.Values.externalSecret.type "vault" }}
key: {{ $.Values.externalSecret.secretPath }}/{{ $.Release.Name }}
property: {{ $secret }}
property: {{ $secret.property | default $secret.secretKey }}
{{- end }}
{{- end }}
---
Expand Down

0 comments on commit ea27e8f

Please sign in to comment.