32 lines
1.1 KiB
YAML
32 lines
1.1 KiB
YAML
{{- /*
|
|
Bootstrap secrets for development only.
|
|
In production, use an external secret manager (Vault, SealedSecrets, External Secrets).
|
|
*/ -}}
|
|
{{- $secrets := .Values.secrets | default dict -}}
|
|
{{- if and (ne $secrets.enabled false) $secrets.enabled -}}
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: {{ include "admin.fullname" . }}-secrets
|
|
namespace: {{ include "admin.namespace" . }}
|
|
labels:
|
|
app.kubernetes.io/name: {{ .Chart.Name }}
|
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
annotations:
|
|
"helm.sh/resource-policy": keep
|
|
type: Opaque
|
|
stringData:
|
|
{{- if $secrets.databaseUrl }}
|
|
{{ .Values.admin.secretKeys.databaseUrl }}: {{ $secrets.databaseUrl | quote }}
|
|
{{- end }}
|
|
{{- if $secrets.redisUrl }}
|
|
{{ .Values.admin.secretKeys.redisUrl }}: {{ $secrets.redisUrl | quote }}
|
|
{{- end }}
|
|
{{- if $secrets.nextAuthSecret }}
|
|
{{ .Values.admin.secretKeys.nextAuthSecret }}: {{ $secrets.nextAuthSecret | quote }}
|
|
{{- end }}
|
|
{{- range $key, $value := $secrets.extra | default dict }}
|
|
{{ $key }}: {{ $value | quote }}
|
|
{{- end }}
|
|
{{- end }}
|