Asara/k8s
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Extend secrets helm chart

Browse source
This commit is contained in:
Amarpreet Minhas 2023-07-10 20:46:00 +00:00
parent e66e15aecb
commit eb1bd5f704
7 changed files with 28 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
argo/miniflux/values.yaml
View file

@ -6,13 +6,16 @@ serviceAccountName: miniflux
externalSecrets: externalSecrets:
secretStoreName: miniflux secretStoreName: miniflux
vaultRole: miniflux vaultRole: miniflux
secrets: secretPaths:
- secretKey: miniflux_admin_pw - name: miniflux
key: miniflux secrets:
property: miniflux_admin_pw - secretKey: miniflux_admin_pw
- secretKey: miniflux_db_url key: miniflux
key: miniflux property: miniflux_admin_pw
property: miniflux_db_url - secretKey: miniflux_db_url
key: miniflux
property: miniflux_db_url
istio: istio:
commonName: rss.minhas.io commonName: rss.minhas.io
ingressSelector: ingressgateway ingressSelector: ingressgateway

10
argo/pihole/values.yaml
View file

@ -6,10 +6,12 @@ serviceAccountName: default
externalSecrets: externalSecrets:
secretStoreName: default secretStoreName: default
vaultRole: external-dns vaultRole: external-dns
secrets: secretPaths:
- secretKey: pihole-password - name: pihole
key: external-dns secrets:
property: pihole-password - secretKey: pihole-password
key: external-dns
property: pihole-password
# app # app
serviceDns: serviceDns:

10
argo/secrets/templates/external-secrets.yaml
View file

@ -59,18 +59,19 @@ spec:
secretRef: secretRef:
name: "serviceaccounttoken" name: "serviceaccounttoken"
... ...
{{- range .Values.externalSecrets.secretPaths }}
--- ---
apiVersion: external-secrets.io/v1beta1 apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: {{ .Values.name }} name: {{ .name }}
namespace: {{ .Values.namespace }} namespace: {{ $.Values.namespace }}
spec: spec:
secretStoreRef: secretStoreRef:
name: {{ .Values.externalSecrets.secretStoreName }} name: {{ $.Values.externalSecrets.secretStoreName }}
kind: SecretStore kind: SecretStore
data: data:
{{- range .Values.externalSecrets.secrets }} {{- range .secrets }}
- secretKey: {{ .secretKey }} - secretKey: {{ .secretKey }}
remoteRef: remoteRef:
conversionStrategy: Default conversionStrategy: Default
@ -79,4 +80,5 @@ spec:
property: {{ .property }} property: {{ .property }}
{{- end }} {{- end }}
... ...
{{- end }}
{{ end }} {{ end }}

10
argo/vault-config-operator/values.yaml
View file

@ -5,10 +5,12 @@ serviceAccountName: vault-config-operator
externalSecrets: externalSecrets:
secretStoreName: vault-config-operator secretStoreName: vault-config-operator
vaultRole: vault-config-operator vaultRole: vault-config-operator
secrets: secretPaths:
- secretKey: ca.crt - name: vault-config-operator
key: vault-config-operator secrets:
property: ca.crt - secretKey: ca.crt
key: vault-config-operator
property: ca.crt
enableCertManager: true enableCertManager: true

0
helm/setup/003-cert-manager/external-secrets.yaml → helm/apps/cert-manager-stack/external-secrets.yaml
View file

0
helm/setup/003-cert-manager/install.sh → helm/apps/cert-manager-stack/install.sh
View file

0
helm/setup/003-cert-manager/issuers.yaml → helm/apps/cert-manager-stack/issuers.yaml
View file