Initial code commit
This commit is contained in:
Alan Bridgeman
parent
5b71cecab6
commit
b3382d880b
37 changed files with 1778 additions and 1 deletions
24
templates/vault-hashicorp-secret.yaml
Normal file
24
templates/vault-hashicorp-secret.yaml
Normal file
|
|
@ -0,0 +1,24 @@
|
|||
{{- if and (.Values.vault.enabled) (eq .Values.vault.type "hashicorp") -}}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ .Release.Name }}-vault-secret
|
||||
type: opaque
|
||||
data:
|
||||
{{- if .Values.vault.create.enabled }}
|
||||
# Because we create the Hashicorp Vault instance as part of the Helm chart,
|
||||
# we can use the name of the created resource (utilizing k8s built-in container connections)
|
||||
# to connect to the Vault instance without having to hard-code the Vault name.
|
||||
vault-name: {{ printf "%s-vault" .Release.Name | b64enc }}
|
||||
# Because we create the Hashicorp Vault instance as part of the Helm chart,
|
||||
# We know the port that the Vault instance is running on.
|
||||
vault-port: {{ printf "%d" 80 | b64enc }}
|
||||
{{- else }}
|
||||
# Because the Vault wasn't created as part of the Helm chart,
|
||||
# we need the deployer to specify the name of the Vault instance to connect to.
|
||||
vault-name: {{ .Values.vault.vaultName | b64enc }}
|
||||
# Because the Vault wasn't created as part of the Helm chart,
|
||||
# we need the deployer to specify the port that the Vault instance is running on.
|
||||
vault-port: {{ .Values.passVault.vaultPort | b64enc }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
Loading…
Add table
Add a link
Reference in a new issue