Bridgeman-Accessible/custom-hashicorp-vault-helm
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Mostly just tightening up stuff (hard focus on purpose etc...)
All checks were successful
Deploy the Helm Chart / build (push) Successful in 13s
Details

Browse source
This commit is contained in:
Alan Bridgeman 2025-12-23 03:59:57 -06:00
parent 324823385e
commit 5071b34ee5
4 changed files with 10 additions and 46 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.gitignore vendored
View file

@ -5,5 +5,5 @@ values.filled.yaml
ba-custom-hashicorp-vault-*.tgz ba-custom-hashicorp-vault-*.tgz
# Random other stuff # Random other stuff
templates.old *.old*
input.json input.json

9
README.md
View file

@ -1,5 +1,5 @@
# Customized Hashicorp Vault Implementation - Helm Chart # Customized Hashicorp Vault Implementation - Helm Chart
This repository is meant to hold the helm chart to be able to deploy the customized Hashicorp Vault implementation to a Kubernetes cluster using the Helm software. This repository is meant to hold the [Helm](https://helm.sh) chart to be able to deploy the customized [Hashicorp Vault](https://www.hashicorp.com/en/products/vault) implementation to a [Kubernetes](https://kubernetes.io) cluster using the [Helm}(https://helm.sh) software.
## Including as a dependency ## Including as a dependency
To use this chart as a dependency: To use this chart as a dependency:
@ -7,7 +7,7 @@ To use this chart as a dependency:
```yaml ```yaml
dependencies: dependencies:
- name: ba-custom-hashicorp-vault - name: ba-custom-hashicorp-vault
version: 1.0.4 version: 1.0.5
repository: "https://helm.bridgemanaccessible.ca/" repository: "https://helm.bridgemanaccessible.ca/"
alias: passVault alias: passVault
condition: passVault.enabled condition: passVault.enabled
@ -18,12 +18,9 @@ The following table summarizes the values that can be specified in the `values.y
| Value Name | Possible Values | Required | | Value Name | Possible Values | Required |
| ------------------------------------------------------------ | ---------------------------------------------------------------- | -------- | | ------------------------------------------------------------ | ---------------------------------------------------------------- | -------- |
| `type` | `hashicorp` / `azure` | Yes | | `type` | `hashicorp` | Yes |
| `vaultName` | string | No | | `vaultName` | string | No |
| `vaultPort` | number (ex. `8200`) | No | | `vaultPort` | number (ex. `8200`) | No |
| `clientID` | string | No |
| `clientSecret` | string | No |
| `tenantID` | string | No |
| `create`.`enabled` | `true` / `false` | Yes | | `create`.`enabled` | `true` / `false` | Yes |
| `create`.`image`.`repository` | string (ex. `<redacted-private-repo>/ba-custom-hashicorp-vault`) | Yes* | | `create`.`image`.`repository` | string (ex. `<redacted-private-repo>/ba-custom-hashicorp-vault`) | Yes* |
| `create`.`image`.`tag` | `latest` | Yes* | | `create`.`image`.`tag` | `latest` | Yes* |

12
templates/vault-keyvault-secret.yaml
View file

@ -1,12 +0,0 @@
{{- if and (.Values.enabled) (eq .Values.type "azure") -}}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "vault.fullname" . }}-secret
type: opaque
data:
client-id: {{ .Values.clientId | b64enc }}
client-secret: {{ .Values.clientSecret | b64enc}}
name: {{ .Values.vaultName | b64enc }}
tenant-id: {{ .Values.tenantId | b64enc }}
{{- end -}}

33
values.yaml
View file

@ -4,45 +4,24 @@
# The type of secrets "vault" to use. # The type of secrets "vault" to use.
# #
# Vaults # The only appropriate value here is `hashicorp` at present.
# ------ #
# The following table lists the supported "vault" types: # This is left here so that if in the future there is distinction between different Hashicorp Vault types this can be extended.
# # Also, downstream charts may use this to determine which type of vault (outside Hashicorp Vault) to connect to.
# | Type | Description | Current Status | Required Fields |
# | ----------- | -------------------- | -------------- | --------------------------------------------------- |
# | `hashicorp` | Uses Hashicorp Vault | Implemented | `vaultName` (if `create` not true) |
# | `azure` | Uses Azure Key Vault | Implemented | `vaultName`, `clientId`, `clientSecret`, `tenantId` |
# #
type: 'hashicorp' type: 'hashicorp'
# The name of the vault instance to connect to # The name of the vault instance to connect to
# #
# This is relevant if type is set to `hashicorp` or `azure`
# Note, if `create` is true this is ignored # Note, if `create` is true this is ignored
# #
# For `hashicorp`, this is generally the hostname of the Hashicorp Vault instance to connect to # This is generally the hostname of the Hashicorp Vault instance to connect to
# For `azure`, this is the name of the Azure Key Vault instance to connect to
#vaultName: '' #vaultName: ''
# The port of the vault instance to connect to # The port of the vault instance to connect to
# #
# ONLY RELEVANT iF `type` IS SET TO `hashicorp` AND `create` IS NOT TRUE # ONLY RELEVANT iF `create` IS NOT TRUE
#vaultPort: 8200 #vaultPort: 8200
# The client ID of the Azure Key Vault instance
#
# ONLY RELEVANT IF `type` IS SET TO `azure`
#clientID: ""
# The client secret of the Azure Key Vault instance
#
# ONLY RELEVANT IF `type` IS SET TO `azure`
#clientSecret: ""
# The tenant ID of the Azure Key Vault instance
#
# ONLY RELEVANT IF `type` IS SET TO `azure`
#tenantID: ""
# Configurations to create a Hashicorp Vault instance as part of the Helm chart # Configurations to create a Hashicorp Vault instance as part of the Helm chart
# #