Moved var and secret support to common
This commit is contained in:
Laszlo Fogas
@@ -0,0 +1,21 @@
|
||||
{{- define "common.envFromRef.tpl" -}}
|
||||
{{- if or (or (or (.Values.vars) (.Values.secretEnabled)) .Values.sealedSecrets) .Values.secretName }}
|
||||
envFrom: &envFrom
|
||||
{{- if .Values.vars }}
|
||||
- configMapRef:
|
||||
name: {{ template "common.robustName" .Release.Name }}
|
||||
{{- end }}
|
||||
{{- if .Values.secretEnabled }}
|
||||
- secretRef:
|
||||
name: {{ include "common.robustName" $.Release.Name }}
|
||||
{{- end }}
|
||||
{{- if .Values.secretName }}
|
||||
- secretRef:
|
||||
name: {{ .Values.secretName }}
|
||||
{{- end }}
|
||||
{{- if .Values.sealedSecrets }}
|
||||
- secretRef:
|
||||
name: {{ template "common.robustName" .Release.Name }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -1,3 +1,4 @@
|
||||
{{- define "common.fileSecret.tpl" -}}
|
||||
{{- range .Values.fileSecrets }}
|
||||
---
|
||||
kind: Secret
|
||||
@@ -11,3 +12,4 @@ data:
|
||||
{{ $key }}: {{ $val | b64enc }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
+2
@@ -1,3 +1,4 @@
|
||||
{{- define "common.sealedFileSecret.tpl" -}}
|
||||
{{- range .Values.sealedFileSecrets }}
|
||||
{{- $robustName := include "robustName" $.Release.Name }}
|
||||
---
|
||||
@@ -22,3 +23,4 @@ spec:
|
||||
name: {{ printf "%s-%s" $.Release.Name .name }}
|
||||
namespace: {{ $.Release.Namespace }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
+4
-2
@@ -1,4 +1,5 @@
|
||||
{{- if .Values.sealedSecrets }}
|
||||
{{- define "common.sealedSecret.tpl" -}}
|
||||
{{- if .Values.sealedSecrets }}
|
||||
apiVersion: bitnami.com/v1alpha1
|
||||
kind: SealedSecret
|
||||
metadata:
|
||||
@@ -17,4 +18,5 @@ spec:
|
||||
metadata:
|
||||
name: {{ template "robustName" .Release.Name }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
Binary file not shown.
@@ -7,8 +7,8 @@ metadata:
|
||||
{{- include "helm-chart.labels" . | nindent 4 }}
|
||||
spec:
|
||||
schedule: {{ .Values.schedule | quote }}
|
||||
{{ with .Values.constraints }}
|
||||
{{ toYaml . | nindent 2 }}
|
||||
{{- with .Values.constraints }}
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
jobTemplate:
|
||||
spec:
|
||||
@@ -29,15 +29,7 @@ spec:
|
||||
- {{ .Values.shell }}
|
||||
- -c
|
||||
- {{ .Values.command | quote }}
|
||||
envFrom:
|
||||
{{- if .Values.vars }}
|
||||
- configMapRef:
|
||||
name: {{ .Release.Name }}
|
||||
{{- end }}
|
||||
{{- if .Values.secret.enabled }}
|
||||
- secretRef:
|
||||
name: {{ .Release.Name }}
|
||||
{{- end }}
|
||||
{{- include "common.envFromRef.tpl" . | nindent 14 }}
|
||||
{{- include "common.volumeMountsRef.tpl" . | nindent 14 }}
|
||||
resources:
|
||||
{{- toYaml .Values.resources | nindent 16 }}
|
||||
|
||||
@@ -0,0 +1 @@
|
||||
{{- include "common.fileSecret.tpl" . -}}
|
||||
@@ -0,0 +1 @@
|
||||
{{- include "common.sealedFileSecret.tpl" . -}}
|
||||
@@ -0,0 +1 @@
|
||||
{{- include "common.sealedSecret.tpl" . -}}
|
||||
@@ -13,7 +13,7 @@ tests:
|
||||
path: spec.jobTemplate.spec.template.spec.containers[0].envFrom
|
||||
content:
|
||||
configMapRef:
|
||||
name: RELEASE-NAME
|
||||
name: release-name
|
||||
- it: Should not reference configmap if vars are not set
|
||||
asserts:
|
||||
- isNull:
|
||||
|
||||
@@ -5,16 +5,16 @@ templates:
|
||||
tests:
|
||||
- it: Should reference secret if secret is enabled
|
||||
set:
|
||||
secret.enabled: true
|
||||
secretEnabled: true
|
||||
asserts:
|
||||
- contains:
|
||||
path: spec.jobTemplate.spec.template.spec.containers[0].envFrom
|
||||
content:
|
||||
secretRef:
|
||||
name: RELEASE-NAME
|
||||
name: release-name
|
||||
- it: Should not reference secret if secret is disabled
|
||||
set:
|
||||
secret.enabled: false
|
||||
secretEnabled: false
|
||||
asserts:
|
||||
- isNull:
|
||||
path: spec.jobTemplate.spec.template.spec.containers[0].envFrom
|
||||
|
||||
Binary file not shown.
@@ -61,25 +61,7 @@ spec:
|
||||
- -c
|
||||
- {{ .Values.command | quote }}
|
||||
{{- end }}
|
||||
{{- if or (or (or (.Values.vars) (.Values.secretEnabled)) .Values.sealedSecrets) .Values.secretName }}
|
||||
envFrom: &envFrom
|
||||
{{- if .Values.vars }}
|
||||
- configMapRef:
|
||||
name: {{ template "robustName" .Release.Name }}
|
||||
{{- end }}
|
||||
{{- if .Values.secretEnabled }}
|
||||
- secretRef:
|
||||
name: {{ include "robustName" $.Release.Name }}
|
||||
{{- end }}
|
||||
{{- if .Values.secretName }}
|
||||
- secretRef:
|
||||
name: {{ .Values.secretName }}
|
||||
{{- end }}
|
||||
{{- if .Values.sealedSecrets }}
|
||||
- secretRef:
|
||||
name: {{ template "robustName" .Release.Name }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- include "common.envFromRef.tpl" . | nindent 10 }}
|
||||
ports:
|
||||
{{- if not .Values.ports }}
|
||||
- name: http
|
||||
|
||||
@@ -0,0 +1 @@
|
||||
{{- include "common.fileSecret.tpl" . -}}
|
||||
@@ -0,0 +1 @@
|
||||
{{- include "common.sealedFileSecret.tpl" . -}}
|
||||
@@ -0,0 +1 @@
|
||||
{{- include "common.sealedSecret.tpl" . -}}
|
||||
@@ -1,6 +1,6 @@
|
||||
suite: test deployment
|
||||
templates:
|
||||
- sealed-file-secret.yaml
|
||||
- sealedFileSecret.yaml
|
||||
tests:
|
||||
- it: Should generate a sealed secret with the file
|
||||
set: &values
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
suite: test deployment
|
||||
templates:
|
||||
- sealed-secret.yaml
|
||||
- sealedSecret.yaml
|
||||
tests:
|
||||
- it: Should put sealed secrets in SealedSecret
|
||||
set:
|
||||
|
||||
Reference in New Issue
Block a user