# Customized Hashicorp Vault Implementation - Helm Chart
This repository is meant to hold the [Helm](https://helm.sh) chart to be able to deploy the customized [Hashicorp Vault](https://www.hashicorp.com/en/products/vault) implementation to a [Kubernetes](https://kubernetes.io) cluster using the [Helm}(https://helm.sh) software.

## Including as a dependency
To use this chart as a dependency:

```yaml
dependencies:
  - name: ba-custom-hashicorp-vault
    version: 1.0.5
    repository: "https://helm.bridgemanaccessible.ca/"
    alias: passVault
    condition: passVault.enabled
```

# Values (`values.yaml`)
The following table summarizes the values that can be specified in the `values.yaml`

| Value Name                                                   | Possible Values                                                  | Required |
| ------------------------------------------------------------ | ---------------------------------------------------------------- | -------- |
| `type`                                                       | `hashicorp`                                                      | Yes      |
| `vaultName`                                                  | string                                                           | No       |
| `vaultPort`                                                  | number (ex. `8200`)                                              | No       |
| `create`.`enabled`                                           | `true` / `false`                                                 | Yes      |
| `create`.`image`.`repository`                                | string (ex. `<redacted-private-repo>/ba-custom-hashicorp-vault`) | Yes*     | 
| `create`.`image`.`tag`                                       | `latest`                                                         | Yes*     |
| `create`.`ingress`.`enabled`                                 | `true` / `false`                                                 | Yes*     |
| `create`.`ingress`.`host`                                    | string (ex. `vault.<redacted-private-hostname>`)                 | Yes**    |
| `create`.`snapshotServer`.`enabled`                          | `true` / `false`                                                 | Yes*     |
| `create`.`snapshotServer`.`externalPort`                     | number (ex. `81`)                                                | Yes***   |
| `create`.`snapshotServer`.`internalPort`                     | number (ex. `8300`)                                              | Yes***   |
| `create`.`snapshotServer`.`vaultCredsPVC`.`storageClassName` | string (ex. `vault-role-vars-rook-cephfs`)                       | Yes***   |
| `create`.`snapshotServer`.`vaultCredsPVC`.`size`             | size string (ex. `512Mi`)                                        | Yes***   |
| `create`.`appRole`.`roleIDSecretName`                        | string (ex. `VAULT_ROLE_ID`)                                     | Yes*     |
| `create`.`appRole`.`secretIDSecretName`                      | string (ex. `VAULT_SECRET_ID`)                                   | Yes*     |
| `create`.`roleVarsPVC`.`storageClassName`                    | string (ex. `vault-role-vars-rook-cephfs`)                       | Yes*     |
| `create`.`roleVarsPVC`.`size`                                | size string (ex. `512Mi`)                                        | Yes*     |
| `create`.`vaultData`.`storageClassName`                      | string(ex. `rook-ceph-block`)                                    | Yes*     |
| `create`.`vaultData`.`accessModes`                           | array<`ReadWriteOnce`>                                           | Yes*     |
| `create`.`vaultData`.`size`                                  | size string (ex. `2Gi`)                                          | Yes*     |

`*` If `create`.`enabled` is `true`
`**` If `create`.`ingress`.`enabled` is `true`
`***` If `creat`.`snapshotServer`.`enabled` is `true`