Allow mounting of existing secrets (#53)
This commit is contained in:
Marcel Lambacher
@@ -1,5 +1,5 @@
|
|||||||
{{- define "common.volumeMountsRef.tpl" -}}
|
{{- define "common.volumeMountsRef.tpl" -}}
|
||||||
{{- if or (or (.Values.volumes) (.Values.sealedFileSecrets)) .Values.fileSecrets }}
|
{{- if or (or (or (.Values.volumes) (.Values.sealedFileSecrets)) .Values.fileSecrets) .Values.existingFileSecrets }}
|
||||||
volumeMounts: &volumeMounts
|
volumeMounts: &volumeMounts
|
||||||
{{- range .Values.volumes }}
|
{{- range .Values.volumes }}
|
||||||
- name: {{ .name }}
|
- name: {{ .name }}
|
||||||
@@ -15,5 +15,13 @@ volumeMounts: &volumeMounts
|
|||||||
mountPath: {{ .path }}
|
mountPath: {{ .path }}
|
||||||
readOnly: true
|
readOnly: true
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- range .Values.existingFileSecrets }}
|
||||||
|
- name: {{ .name }}
|
||||||
|
mountPath: {{ .path }}
|
||||||
|
{{- if .subPath}}
|
||||||
|
subPath: {{ .subPath }}
|
||||||
|
{{- end }}
|
||||||
|
readOnly: true
|
||||||
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
{{- define "common.volumesRef.tpl" -}}
|
{{- define "common.volumesRef.tpl" -}}
|
||||||
{{- if or (or (.Values.volumes) (.Values.sealedFileSecrets)) .Values.fileSecrets }}
|
{{- if or (or (or (.Values.volumes) (.Values.sealedFileSecrets)) .Values.fileSecrets) .Values.existingFileSecrets }}
|
||||||
volumes:
|
volumes:
|
||||||
{{- range .Values.volumes }}
|
{{- range .Values.volumes }}
|
||||||
- name: {{ .name }}
|
- name: {{ .name }}
|
||||||
@@ -30,5 +30,10 @@ volumes:
|
|||||||
secret:
|
secret:
|
||||||
secretName: {{ printf "%s-%s" $.Release.Name .name }}
|
secretName: {{ printf "%s-%s" $.Release.Name .name }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- range .Values.existingFileSecrets }}
|
||||||
|
- name: {{ .name }}
|
||||||
|
secret:
|
||||||
|
secretName: {{ .name }}
|
||||||
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|||||||
@@ -0,0 +1,44 @@
|
|||||||
|
suite: test deployment
|
||||||
|
templates:
|
||||||
|
- deployment.yaml
|
||||||
|
- configmap.yaml
|
||||||
|
- pvc.yaml
|
||||||
|
tests:
|
||||||
|
- it: Should mount volume
|
||||||
|
set:
|
||||||
|
existingFileSecrets:
|
||||||
|
- name: my-existing-secret
|
||||||
|
path: /config
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.containers[0].volumeMounts
|
||||||
|
value:
|
||||||
|
- name: my-existing-secret
|
||||||
|
mountPath: /config
|
||||||
|
readOnly: true
|
||||||
|
- it: Should mount volume with optional subPath
|
||||||
|
set:
|
||||||
|
existingFileSecrets:
|
||||||
|
- name: my-existing-secret
|
||||||
|
path: /config/config.yaml
|
||||||
|
subPath: config.yml
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.containers[0].volumeMounts
|
||||||
|
value:
|
||||||
|
- name: my-existing-secret
|
||||||
|
mountPath: /config/config.yaml
|
||||||
|
subPath: config.yml
|
||||||
|
readOnly: true
|
||||||
|
- it: Should reference volume
|
||||||
|
set:
|
||||||
|
existingFileSecrets:
|
||||||
|
- name: my-existing-secret
|
||||||
|
path: /config
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.volumes
|
||||||
|
value:
|
||||||
|
- name: my-existing-secret
|
||||||
|
secret:
|
||||||
|
secretName: my-existing-secret
|
||||||
@@ -693,6 +693,48 @@
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"existingFileSecrets": {
|
||||||
|
"$id": "#/properties/existingFileSecrets",
|
||||||
|
"type": "array",
|
||||||
|
"title": "Existing file secrets",
|
||||||
|
"description": "Allows to mount existing secrets into a container",
|
||||||
|
"default": [],
|
||||||
|
"additionalItems": true,
|
||||||
|
"items": {
|
||||||
|
"$id": "#/properties/existingFileSecrets/items",
|
||||||
|
"type": "object",
|
||||||
|
"anyOf": [
|
||||||
|
{
|
||||||
|
"id": "#/properties/existingFileSecrets/oneOf/0",
|
||||||
|
"title": "existingFileSecrets",
|
||||||
|
"type": "object",
|
||||||
|
"properties": {
|
||||||
|
"name": {
|
||||||
|
"type": "string",
|
||||||
|
"title": "Name",
|
||||||
|
"description": "The name of the existing secret to mount",
|
||||||
|
"default": "data"
|
||||||
|
},
|
||||||
|
"path": {
|
||||||
|
"type": "string",
|
||||||
|
"title": "Path",
|
||||||
|
"description": "The mount path inside the container",
|
||||||
|
"default": "/data"
|
||||||
|
},
|
||||||
|
"subPath": {
|
||||||
|
"type": "string",
|
||||||
|
"title": "SubPath",
|
||||||
|
"description": "The optinal mount subpath inside the container, to only mount a specific file but not a complete directory.",
|
||||||
|
"default": "config.yaml"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"required": [
|
||||||
|
"name", "path"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
},
|
||||||
"volumes": {
|
"volumes": {
|
||||||
"$id": "#/properties/volumes",
|
"$id": "#/properties/volumes",
|
||||||
"type": "array",
|
"type": "array",
|
||||||
|
|||||||
Reference in New Issue
Block a user