Preserve secrets

This commit is contained in:
Guilhem Lavaux 2024-12-08 10:56:23 +01:00
parent f9e0465ae6
commit 21d9e490dc

View File

@ -1,25 +1,34 @@
{{- $webhook_secret := .Values.updater.webhook_secret }} {{- $webhook_secret := .Values.updater.webhook_secret }}
{{- $apiUsername := .Values.updater.apiUsername }} {{- $apiUsername := .Values.updater.apiUsername }}
{{- $apiPassword := .Values.updater.apiPassword }} {{- $apiPassword := .Values.updater.apiPassword }}
{{- $secretName := printf "%s-webhook-secret" .Release.Namespace }}
{{- $secretData := (lookup "v1" "Secret" .Release.Namespace $secretName).data }}
{{- if not $webhook_secret }}
{{- $webhook_secret = randAlphaNum 10 }} {{- if $secretData }}
{{- end }} {{- $webhook_secret = index $secretData "WEBHOOK_SECRET" | b64dec }}
{{- if not $apiUsername}} {{- $apiUsername = index $secretData "API_USERNAME" | b64dec }}
{{- $apiUsername = randAlphaNum 10 }} {{- $apiPassword = index $secretData "API_PASSWORD" | b64dec }}
{{- end }} {{- else }}
{{- if not $apiPassword}} {{- if not $webhook_secret }}
{{- $apiPassword = randAlphaNum 10 }} {{- $webhook_secret = randAlphaNum 10 }}
{{- end }} {{- end }}
{{- if not $apiUsername}}
{{- $apiUsername = randAlphaNum 10 }}
{{- end }}
{{- if not $apiPassword}}
{{- $apiPassword = randAlphaNum 10 }}
{{- end }}
{{- end}}
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: {{ .Release.Name }}-webhook-secret name: {{ $secretName }}
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
type: Opaque type: Opaque
data: data:
WEBHOOK_SECRET: {{ $webhook_secret | b64enc }} WEBHOOK_SECRET: {{ $webhook_secret | b64enc }}
API_USERNAME: {{ $apiUsername | b64enc }} API_USERNAME: {{ $apiUsername | b64enc }}
API_PASSWORD: {{ $apiPassword | b64enc }} API_PASSWORD: {{ $apiPassword | b64enc }}
SCRIPT_NAME: {{ "/.webhook" | b64enc }} SCRIPT_NAME: {{ "/.webhook" | b64enc }}