alexlebens/helm-charts
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Releases 517 Activity
Files
5cb8e9d43e6352a1ba49f62692da80e0bc8dcd54
helm-charts/charts/volsync-target/templates/external-secret.yaml
Alex Lebens 617b14b7aa
All checks were successful
lint-and-test / lint-helm (push) Successful in 25s
Details
release-charts-volsync-target / release (push) Successful in 37s
Details
renovate / renovate (push) Successful in 59s
Details
lint-and-test / chart-testing (push) Successful in 2m1s
Details
feat: switch to openbao
2026-04-24 15:38:27 -05:00

150 lines
6.1 KiB
YAML
Raw Blame History

{{- if and (.Values.local.enabled) (.Values.externalSecrets.enabled) }}
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: {{ include "volsync.localRepoName" . }}
namespace: {{ include "volsync.namespace" . }}
labels:
{{- include "volsync.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "volsync.localRepoName" . }}
{{- with .Values.additionalLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: openbao
target:
template:
mergePolicy: Merge
engineVersion: v2
data:
RESTIC_REPOSITORY: "s3:{{ `{{ .ENDPOINT }}` }}/{{ `{{ .BUCKET }}` }}/{{ .Values.kubernetesClusterName }}/{{ .Release.Namespace }}/{{ .Values.pvcTarget | required "PVC target is required" }}"
data:
- secretKey: ENDPOINT
remoteRef:
key: {{ .Values.local.externalSecret.bucketPath | required "External Secret Volsync local path is required" }}
property: ENDPOINT_LOCAL
- secretKey: BUCKET
remoteRef:
key: {{ .Values.local.externalSecret.credentialPath | required "External Secret Volsync local path is required" }}
property: BUCKET
- secretKey: RESTIC_PASSWORD
remoteRef:
key: {{ .Values.local.externalSecret.credentialPath | required "External Secret Volsync local path is required" }}
property: RESTIC_PASSWORD_LOCAL
- secretKey: AWS_DEFAULT_REGION
remoteRef:
key: {{ .Values.local.externalSecret.credentialPath | required "External Secret Credential local path is required" }}
property: ACCESS_REGION
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
key: {{ .Values.local.externalSecret.credentialPath | required "External Secret Credential local path is required" }}
property: ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
key: {{ .Values.local.externalSecret.credentialPath | required "External Secret Credential local path is required" }}
property: ACCESS_SECRET_KEY
{{- end }}
{{- if and (.Values.remote.enabled) (.Values.externalSecrets.enabled) }}
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: {{ include "volsync.remoteRepoName" . }}
namespace: {{ include "volsync.namespace" . }}
labels:
{{- include "volsync.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "volsync.remoteRepoName" . }}
{{- with .Values.additionalLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: openbao
target:
template:
mergePolicy: Merge
engineVersion: v2
data:
RESTIC_REPOSITORY: "s3:{{ `{{ .ENDPOINT }}` }}/{{ `{{ .BUCKET }}` }}/{{ .Values.kubernetesClusterName }}/{{ .Release.Namespace }}/{{ .Values.pvcTarget | required "PVC target is required" }}"
data:
- secretKey: ENDPOINT
remoteRef:
key: {{ .Values.remote.externalSecret.bucketPath | required "External Secret Volsync local path is required" }}
property: ENDPOINT_REMOTE
- secretKey: BUCKET
remoteRef:
key: {{ .Values.remote.externalSecret.credentialPath | required "External Secret Volsync local path is required" }}
property: BUCKET
- secretKey: RESTIC_PASSWORD
remoteRef:
key: {{ .Values.remote.externalSecret.credentialPath | required "External Secret Volsync local path is required" }}
property: RESTIC_PASSWORD_REMOTE
- secretKey: AWS_DEFAULT_REGION
remoteRef:
key: {{ .Values.remote.externalSecret.credentialPath | required "External Secret Credential remote path is required" }}
property: ACCESS_REGION
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
key: {{ .Values.remote.externalSecret.credentialPath | required "External Secret Credential remote path is required" }}
property: ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
key: {{ .Values.remote.externalSecret.credentialPath | required "External Secret Credential remote path is required" }}
property: ACCESS_SECRET_KEY
{{- end }}
{{- if and (.Values.external.enabled) (.Values.externalSecrets.enabled) }}
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: {{ include "volsync.externalRepoName" . }}
namespace: {{ include "volsync.namespace" . }}
labels:
{{- include "volsync.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "volsync.externalRepoName" . }}
{{- with .Values.additionalLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: openbao
target:
template:
mergePolicy: Merge
engineVersion: v2
data:
RESTIC_REPOSITORY: "s3:{{ `{{ .ENDPOINT }}` }}/{{ `{{ .BUCKET }}` }}/{{ .Values.kubernetesClusterName }}/{{ .Release.Namespace }}/{{ .Values.pvcTarget | required "PVC target is required" }}"
data:
- secretKey: ENDPOINT
remoteRef:
key: {{ .Values.external.externalSecret.bucketPath | required "External Secret Volsync external path is required" }}
property: ENDPOINT
- secretKey: BUCKET
remoteRef:
key: {{ .Values.external.externalSecret.credentialPath | required "External Secret Volsync local path is required" }}
property: BUCKET
- secretKey: RESTIC_PASSWORD
remoteRef:
key: {{ .Values.external.externalSecret.credentialPath | required "External Secret Volsync external path is required" }}
property: RESTIC_PASSWORD
- secretKey: AWS_DEFAULT_REGION
remoteRef:
key: {{ .Values.external.externalSecret.credentialPath | required "External Secret Credential external path is required" }}
property: AWS_REGION
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
key: {{ .Values.external.externalSecret.credentialPath | required "External Secret Credential external path is required" }}
property: AWS_ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
key: {{ .Values.external.externalSecret.credentialPath | required "External Secret Credential external path is required" }}
property: AWS_SECRET_ACCESS_KEY
{{- end }}
Reference in New Issue View Git Blame Copy Permalink