helm: shared secrets handling for user and svcacct's (#16379)

This commit is contained in:
Christian Niessner 2023-02-06 06:51:10 +01:00 committed by GitHub
parent 85ff76e7b0
commit 6ac48aff46
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 12 additions and 3 deletions

View File

@ -91,7 +91,7 @@ connectToMinio $scheme
{{- range $idx, $svc := .Values.svcaccts }}
echo {{ tpl .accessKey $global }} > $MINIO_ACCESSKEY_SECRETKEY_TMP
{{- if .existingSecret }}
cat /config/secrets/{{ tpl .existingSecret $global }}/{{ tpl .existingSecretKey $global }} >> $MINIO_ACCESSKEY_SECRETKEY_TMP
cat /config/secrets-svc/{{ tpl .existingSecret $global }}/{{ tpl .existingSecretKey $global }} >> $MINIO_ACCESSKEY_SECRETKEY_TMP
# Add a new line if it doesn't exist
sed -i '$a\' $MINIO_ACCESSKEY_SECRETKEY_TMP
{{ else }}

View File

@ -93,7 +93,7 @@ connectToMinio $scheme
{{- range .Values.users }}
echo {{ tpl .accessKey $global }} > $MINIO_ACCESSKEY_SECRETKEY_TMP
{{- if .existingSecret }}
cat /config/secrets/{{ tpl .existingSecretKey $global }} >> $MINIO_ACCESSKEY_SECRETKEY_TMP
cat /config/secrets/{{ tpl .existingSecret $global }}/{{ tpl .existingSecretKey $global }} >> $MINIO_ACCESSKEY_SECRETKEY_TMP
# Add a new line if it doesn't exist
sed -i '$a\' $MINIO_ACCESSKEY_SECRETKEY_TMP
createUser {{ .policy }}

View File

@ -63,7 +63,16 @@ spec:
name: {{ tpl .existingSecret $ }}
items:
- key: {{ .existingSecretKey }}
path: secrets/{{ tpl .existingSecretKey $ }}
path: secrets/{{ tpl .existingSecret $ }}/{{ tpl .existingSecretKey $ }}
{{- end }}
{{- end }}
{{- range ( default list .Values.svcaccts ) }}
{{- if .existingSecret }}
- secret:
name: {{ tpl .existingSecret $ }}
items:
- key: {{ .existingSecretKey }}
path: secrets-svc/{{ tpl .existingSecret $ }}/{{ tpl .existingSecretKey $ }}
{{- end }}
{{- end }}
{{- if .Values.tls.enabled }}