Skip to content

Latest commit

 

History

History
 
 

helper-sealed-secrets

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 
 
 
 
 

👻 Helper for Sealed Secrets

This chart is NOT the chart to deploy Sealed Secrets. This a collection of reusable templates to avoid code repetition in other charts. If you're looking to deploy Sealed Secrets, check the instructions here To use this chart add it as a dependency and supply the correct values you'd like to include. There are no default sensible values only examples of how to use this chart.

You must supply an already sealed secret to this chart. This chart will not execute the commands to seal the secret for you. for instructions on Sealing Secrets, take a look at the instructions here

Installing the chart

To install the chart:

$ helm template -f helper-sealed-secrets/values.yaml helper-sealed-secrets | oc apply -f-

Configuration

The following table lists the configurable parameters of the Bootstrap chart and their default values. See the values file for more concrete examples.

Parameter Description Default
secrets Array of things that can be sealed this exists, bt should be over ridden by your secrets
secrets.name Secret name that's generated by unsealing
secrets.type kube secret type eg "basic-auth" etc opaque
secrets.data encrypted data that will be unsealed
secrets.labels Labels to be applied directly to the unsealed secret

Secret generation

Generate the encrypted value using your sealed secret deployment before adding them to your values file. Here is a quick example using a sealed-secrets instance deployed to a namespace called labs-ci-cd

kubectl create secret generic example-opaque --dry-run --from-literal=foo=bar -o yaml -n labs-ci-cd | \
 kubeseal \
 --controller-name=sealed-secrets \
 --controller-namespace=labs-ci-cd \
 --format yaml > sealed-example-opaque.yaml