Mostly just tightening up stuff (hard focus on purpose etc...)
All checks were successful
Deploy the Helm Chart / build (push) Successful in 13s
All checks were successful
Deploy the Helm Chart / build (push) Successful in 13s
This commit is contained in:
Alan Bridgeman
parent
324823385e
commit
5071b34ee5
4 changed files with 10 additions and 46 deletions
2
.gitignore
vendored
2
.gitignore
vendored
|
|
@ -5,5 +5,5 @@ values.filled.yaml
|
|||
ba-custom-hashicorp-vault-*.tgz
|
||||
|
||||
# Random other stuff
|
||||
templates.old
|
||||
*.old*
|
||||
input.json
|
||||
|
|
@ -1,5 +1,5 @@
|
|||
# Customized Hashicorp Vault Implementation - Helm Chart
|
||||
This repository is meant to hold the helm chart to be able to deploy the customized Hashicorp Vault implementation to a Kubernetes cluster using the Helm software.
|
||||
This repository is meant to hold the [Helm](https://helm.sh) chart to be able to deploy the customized [Hashicorp Vault](https://www.hashicorp.com/en/products/vault) implementation to a [Kubernetes](https://kubernetes.io) cluster using the [Helm}(https://helm.sh) software.
|
||||
|
||||
## Including as a dependency
|
||||
To use this chart as a dependency:
|
||||
|
|
@ -7,7 +7,7 @@ To use this chart as a dependency:
|
|||
```yaml
|
||||
dependencies:
|
||||
- name: ba-custom-hashicorp-vault
|
||||
version: 1.0.4
|
||||
version: 1.0.5
|
||||
repository: "https://helm.bridgemanaccessible.ca/"
|
||||
alias: passVault
|
||||
condition: passVault.enabled
|
||||
|
|
@ -18,12 +18,9 @@ The following table summarizes the values that can be specified in the `values.y
|
|||
|
||||
| Value Name | Possible Values | Required |
|
||||
| ------------------------------------------------------------ | ---------------------------------------------------------------- | -------- |
|
||||
| `type` | `hashicorp` / `azure` | Yes |
|
||||
| `type` | `hashicorp` | Yes |
|
||||
| `vaultName` | string | No |
|
||||
| `vaultPort` | number (ex. `8200`) | No |
|
||||
| `clientID` | string | No |
|
||||
| `clientSecret` | string | No |
|
||||
| `tenantID` | string | No |
|
||||
| `create`.`enabled` | `true` / `false` | Yes |
|
||||
| `create`.`image`.`repository` | string (ex. `<redacted-private-repo>/ba-custom-hashicorp-vault`) | Yes* |
|
||||
| `create`.`image`.`tag` | `latest` | Yes* |
|
||||
|
|
|
|||
|
|
@ -1,12 +0,0 @@
|
|||
{{- if and (.Values.enabled) (eq .Values.type "azure") -}}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ include "vault.fullname" . }}-secret
|
||||
type: opaque
|
||||
data:
|
||||
client-id: {{ .Values.clientId | b64enc }}
|
||||
client-secret: {{ .Values.clientSecret | b64enc}}
|
||||
name: {{ .Values.vaultName | b64enc }}
|
||||
tenant-id: {{ .Values.tenantId | b64enc }}
|
||||
{{- end -}}
|
||||
33
values.yaml
33
values.yaml
|
|
@ -4,45 +4,24 @@
|
|||
|
||||
# The type of secrets "vault" to use.
|
||||
#
|
||||
# Vaults
|
||||
# ------
|
||||
# The following table lists the supported "vault" types:
|
||||
#
|
||||
# | Type | Description | Current Status | Required Fields |
|
||||
# | ----------- | -------------------- | -------------- | --------------------------------------------------- |
|
||||
# | `hashicorp` | Uses Hashicorp Vault | Implemented | `vaultName` (if `create` not true) |
|
||||
# | `azure` | Uses Azure Key Vault | Implemented | `vaultName`, `clientId`, `clientSecret`, `tenantId` |
|
||||
# The only appropriate value here is `hashicorp` at present.
|
||||
#
|
||||
# This is left here so that if in the future there is distinction between different Hashicorp Vault types this can be extended.
|
||||
# Also, downstream charts may use this to determine which type of vault (outside Hashicorp Vault) to connect to.
|
||||
#
|
||||
type: 'hashicorp'
|
||||
|
||||
# The name of the vault instance to connect to
|
||||
#
|
||||
# This is relevant if type is set to `hashicorp` or `azure`
|
||||
# Note, if `create` is true this is ignored
|
||||
#
|
||||
# For `hashicorp`, this is generally the hostname of the Hashicorp Vault instance to connect to
|
||||
# For `azure`, this is the name of the Azure Key Vault instance to connect to
|
||||
# This is generally the hostname of the Hashicorp Vault instance to connect to
|
||||
#vaultName: ''
|
||||
|
||||
# The port of the vault instance to connect to
|
||||
#
|
||||
# ONLY RELEVANT iF `type` IS SET TO `hashicorp` AND `create` IS NOT TRUE
|
||||
# ONLY RELEVANT iF `create` IS NOT TRUE
|
||||
#vaultPort: 8200
|
||||
|
||||
# The client ID of the Azure Key Vault instance
|
||||
#
|
||||
# ONLY RELEVANT IF `type` IS SET TO `azure`
|
||||
#clientID: ""
|
||||
|
||||
# The client secret of the Azure Key Vault instance
|
||||
#
|
||||
# ONLY RELEVANT IF `type` IS SET TO `azure`
|
||||
#clientSecret: ""
|
||||
|
||||
# The tenant ID of the Azure Key Vault instance
|
||||
#
|
||||
# ONLY RELEVANT IF `type` IS SET TO `azure`
|
||||
#tenantID: ""
|
||||
|
||||
# Configurations to create a Hashicorp Vault instance as part of the Helm chart
|
||||
#
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue