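{{- /*
ExternalSecret (and optional SecretStore) manifests for External Secrets Operator.

For every entry in .Values.ConfigSecrets.secrets that has `external: true` and one
of the ESO_* externalType values listed below, this file renders:
  - a namespaced SecretStore named after the entry, only when
    esoSecretData.secretStore is set;
  - an ExternalSecret named after the entry, whose target Secret has the same name.

Security notes for chart users:
  - esoSecretData.secretStore is copied verbatim into spec.provider. Whatever is
    placed there ends up in the rendered manifest and in the stored Helm release,
    so provider authentication should point at existing credentials (secret
    references, workload identity) rather than carry credential values inline.
  - Templated scalars are quoted so that values such as `true`, `123` or strings
    containing `: ` stay strings and cannot change the shape of the manifest.
  - The apiVersion is chosen from .Capabilities. Offline rendering (helm template
    without --api-versions) cannot see the cluster's APIs and selects v1beta1.
*/ -}}
{{- if .Values.ConfigSecrets.enabled }}
{{- range .Values.ConfigSecrets.secrets }}
{{- if eq .external true }}
{{- if (or (eq .externalType "ESO_GoogleSecretsManager") (eq .externalType "ESO_AWSSecretsManager") (eq .externalType "ESO_HashiCorpVault") (eq .externalType "ESO_AzureSecretsManager")) }}
{{- if .esoSecretData.secretStore }}
---
{{- if $.Capabilities.APIVersions.Has "external-secrets.io/v1" }}
apiVersion: external-secrets.io/v1
{{- else }}
apiVersion: external-secrets.io/v1beta1
{{- end }}
kind: SecretStore
metadata:
  name: {{ .name | quote }}
  labels:
    app: {{ template ".Chart.Name .name" $ }}
    chart: {{ template ".Chart.Name .chart" $ }}
    appId: {{ $.Values.app | quote }}
    envId: {{ $.Values.env | quote }}
    release: {{ $.Release.Name | quote }}
    {{- if $.Values.appLabels }}
    {{- toYaml $.Values.appLabels | nindent 4 }}
    {{- end }}
spec:
  {{- /* Provider block is passed through unvalidated; review it like any other credential-bearing config. */}}
  provider:
    {{- toYaml .esoSecretData.secretStore | nindent 4 }}
{{- end }}
---
{{- if $.Capabilities.APIVersions.Has "external-secrets.io/v1" }}
apiVersion: external-secrets.io/v1
{{- else }}
apiVersion: external-secrets.io/v1beta1
{{- end }}
kind: ExternalSecret
metadata:
  name: {{ .name | quote }}
  labels:
    app: {{ template ".Chart.Name .name" $ }}
    chart: {{ template ".Chart.Name .chart" $ }}
    appId: {{ $.Values.app | quote }}
    envId: {{ $.Values.env | quote }}
    release: {{ $.Release.Name | quote }}
    {{- if $.Values.appLabels }}
    {{- toYaml $.Values.appLabels | nindent 4 }}
    {{- end }}
spec:
  {{- /* Defaults to 1h: a secret rotated in the backend can take up to this long to reach the cluster. */}}
  refreshInterval: {{ .esoSecretData.refreshInterval | default "1h" | quote }}
  {{- if and .esoSecretData.secretStoreRef (not .esoSecretData.secretStore) }}
  secretStoreRef:
    {{- toYaml .esoSecretData.secretStoreRef | nindent 4 }}
  {{- else }}
  {{- /*
  Used when secretStore is set (secretStoreRef is then ignored) and also when
  neither is set. In the second case no SecretStore was rendered above, so the
  reference only resolves if a store with this name already exists in the namespace.
  */}}
  secretStoreRef:
    name: {{ .name | quote }}
    kind: SecretStore
  {{- end }}
  target:
    name: {{ .name | quote }}
    {{- if .esoSecretData.template }}
    template:
      {{- toYaml .esoSecretData.template | nindent 6 }}
    {{- end }}
    {{- /* Owner: the operator owns the generated Secret, so removing this ExternalSecret removes the Secret too. */}}
    creationPolicy: Owner
  {{- /* esoDataFrom takes precedence; esoData is only rendered when esoDataFrom is empty. */}}
  {{- if .esoSecretData.esoDataFrom }}
  dataFrom:
    {{- toYaml .esoSecretData.esoDataFrom | nindent 4 }}
  {{- else }}
  data:
    {{- range .esoSecretData.esoData }}
    - secretKey: {{ .secretKey | quote }}
      remoteRef:
        key: {{ .key | quote }}
        {{- if .property }}
        property: {{ .property | quote }}
        {{- end }}
    {{- end }}
  {{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}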