{{- if and (.Values.vault.enabled) (eq .Values.vault.type "hashicorp") -}}
apiVersion: v1
kind: Secret
metadata:
  name: {{ .Release.Name }}-vault-secret
type: opaque
data:
  {{- if .Values.vault.create.enabled }}
  # Because we create the Hashicorp Vault instance as part of the Helm chart, 
  # we can use the name of the created resource (utilizing k8s built-in container connections)
  # to connect to the Vault instance without having to hard-code the Vault name.
  vault-name: {{ printf "%s-vault" .Release.Name | b64enc }}
  # Because we create the Hashicorp Vault instance as part of the Helm chart,
  # We know the port that the Vault instance is running on.
  vault-port: {{ printf "%d" 80 | b64enc }}
  {{- else }}
  # Because the Vault wasn't created as part of the Helm chart,
  # we need the deployer to specify the name of the Vault instance to connect to.
  vault-name: {{ .Values.vault.vaultName | b64enc }}
  # Because the Vault wasn't created as part of the Helm chart,
  # we need the deployer to specify the port that the Vault instance is running on.
  vault-port: {{ .Values.passVault.vaultPort | b64enc }}
  {{- end }}
{{- end -}}