gitdataai/deploy/templates/external-secrets.yaml
ZhenYi 88f58a65c0
chore(project): Initialize project basic configuration and deployment template
2026-04-14 23:39:42 +08:00


{{- /*
External Secrets - sync secrets from an external Secret Manager.
Requires the cluster to have External Secrets Operator (ESO) installed:
https://external-secrets.io/

Only references are templated in this file (store name/kind, remote key,
property); the secret values themselves are not part of the chart.
$ns below is resolved once from the "gitdata.namespace" helper (defined
elsewhere in the chart) and reused by every ExternalSecret in this file.
*/ -}}
{{- $ns := include "gitdata.namespace" . -}}
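{{- /*
Database Secret.
Rendered only when .Values.database.existingSecret is set. Syncs the "url"
property of the remote key (default "gitdata/database") into a Secret named
after .Values.database.existingSecret, under the key given by
.Values.database.secretKeys.url.

Notes for reviewers:
- The "if" action deliberately has no right-hand trim marker, so the newline
  in front of the document separator is kept. This matches the other
  documents in this file, where trimming it glues the separator onto the
  last line of the preceding document.
- Values are passed through "quote" so a numeric- or boolean-looking name
  or key is still emitted as a YAML string.
- creationPolicy Owner means ESO creates and owns the target Secret. If a
  Secret with this name already exists and was not created by ESO, the sync
  is expected to conflict - confirm against the installed ESO version.
- storeKind defaults to the namespaced SecretStore; switching to
  ClusterSecretStore widens which namespaces can read from the store.
- NOTE(review): confirm the installed ESO release still serves the v1beta1
  API before deploying.
*/ -}}
{{- if .Values.database.existingSecret }}
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: {{ .Values.database.existingSecret | quote }}
  namespace: {{ $ns }}
spec:
  refreshInterval: 1h
  secretStoreRef:
    name: {{ .Values.externalSecrets.storeName | default "vault-backend" | quote }}
    kind: {{ .Values.externalSecrets.storeKind | default "SecretStore" | quote }}
  target:
    name: {{ .Values.database.existingSecret | quote }}
    creationPolicy: Owner
  data:
    - secretKey: {{ .Values.database.secretKeys.url | quote }}
      remoteRef:
        key: {{ .Values.externalSecrets.databaseKey | default "gitdata/database" | quote }}
        property: url
{{- end }}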
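{{- /*
Redis Secret.
Rendered only when .Values.redis.existingSecret is set. Syncs the "url"
property of the remote key (default "gitdata/redis") into a Secret named
after .Values.redis.existingSecret, under the key given by
.Values.redis.secretKeys.url.

Notes for reviewers:
- The "if" action must not carry a right-hand trim marker. With one, the
  newline in front of the document separator is removed, and because the
  preceding "end" and this comment trim everything before it as well, the
  separator is appended to the last line of the previous document
  ("property: url---"), merging two manifests into one invalid document.
- Values are passed through "quote" so a numeric- or boolean-looking name
  or key is still emitted as a YAML string.
- creationPolicy Owner means ESO creates and owns the target Secret. If a
  Secret with this name already exists and was not created by ESO, the sync
  is expected to conflict - confirm against the installed ESO version.
- NOTE(review): confirm the installed ESO release still serves the v1beta1
  API before deploying.
*/ -}}
{{- if .Values.redis.existingSecret }}
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: {{ .Values.redis.existingSecret | quote }}
  namespace: {{ $ns }}
spec:
  refreshInterval: 1h
  secretStoreRef:
    name: {{ .Values.externalSecrets.storeName | default "vault-backend" | quote }}
    kind: {{ .Values.externalSecrets.storeKind | default "SecretStore" | quote }}
  target:
    name: {{ .Values.redis.existingSecret | quote }}
    creationPolicy: Owner
  data:
    - secretKey: {{ .Values.redis.secretKeys.url | quote }}
      remoteRef:
        key: {{ .Values.externalSecrets.redisKey | default "gitdata/redis" | quote }}
        property: url
{{- end }}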
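{{- /*
Qdrant Secret.
Rendered only when .Values.qdrant.enabled and .Values.qdrant.existingSecret
are both set. Syncs the "apiKey" property of the remote key (default
"gitdata/qdrant") into a Secret named after .Values.qdrant.existingSecret,
under the key given by .Values.qdrant.secretKeys.apiKey.

Notes for reviewers:
- The "if" action must not carry a right-hand trim marker. With one, the
  newline in front of the document separator is removed, and because the
  preceding "end" and this comment trim everything before it as well, the
  separator is appended to the last line of the previous document,
  merging two manifests into one invalid document.
- Values are passed through "quote" so a numeric- or boolean-looking name
  or key is still emitted as a YAML string.
- creationPolicy Owner means ESO creates and owns the target Secret. If a
  Secret with this name already exists and was not created by ESO, the sync
  is expected to conflict - confirm against the installed ESO version.
- NOTE(review): confirm the installed ESO release still serves the v1beta1
  API before deploying.
*/ -}}
{{- if and .Values.qdrant.enabled .Values.qdrant.existingSecret }}
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: {{ .Values.qdrant.existingSecret | quote }}
  namespace: {{ $ns }}
spec:
  refreshInterval: 1h
  secretStoreRef:
    name: {{ .Values.externalSecrets.storeName | default "vault-backend" | quote }}
    kind: {{ .Values.externalSecrets.storeKind | default "SecretStore" | quote }}
  target:
    name: {{ .Values.qdrant.existingSecret | quote }}
    creationPolicy: Owner
  data:
    - secretKey: {{ .Values.qdrant.secretKeys.apiKey | quote }}
      remoteRef:
        key: {{ .Values.externalSecrets.qdrantKey | default "gitdata/qdrant" | quote }}
        property: apiKey
{{- end }}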