67 lines
2.5 KiB
YAML
67 lines
2.5 KiB
YAML
{{- if and (eq .Values.backup.method "objectStore") (.Values.backup.externalSecret.enabled) }}
|
|
{{- $context := . }}
|
|
{{- range .Values.backup.objectStore }}
|
|
---
|
|
apiVersion: external-secrets.io/v1
|
|
kind: ExternalSecret
|
|
metadata:
|
|
name: {{ include "cluster.backupSecretName" (dict "instance" . "global" $context) }}
|
|
namespace: {{ include "cluster.namespace" $context }}
|
|
labels:
|
|
app.kubernetes.io/name: {{ include "cluster.backupSecretName" (dict "instance" . "global" $context) }}
|
|
{{- include "cluster.labels" $context | nindent 4 }}
|
|
{{- with $context.Values.cluster.additionalLabels }}
|
|
{{- toYaml . | nindent 4 }}
|
|
{{- end }}
|
|
spec:
|
|
secretStoreRef:
|
|
kind: ClusterSecretStore
|
|
name: openbao
|
|
data:
|
|
- secretKey: ACCESS_REGION
|
|
remoteRef:
|
|
key: {{ .externalSecretCredentialPath | required "External Secret Credential local path is required" }}
|
|
property: ACCESS_REGION
|
|
- secretKey: ACCESS_KEY_ID
|
|
remoteRef:
|
|
key: {{ .externalSecretCredentialPath | required "External Secret Credential local path is required" }}
|
|
property: ACCESS_KEY_ID
|
|
- secretKey: ACCESS_SECRET_KEY
|
|
remoteRef:
|
|
key: {{ .externalSecretCredentialPath| required "External Secret Credential local path is required" }}
|
|
property: ACCESS_SECRET_KEY
|
|
{{- end }}
|
|
{{- end }}
|
|
|
|
{{- if and (eq .Values.recovery.method "objectStore") (.Values.recovery.objectStore.externalSecret.enabled) }}
|
|
---
|
|
apiVersion: external-secrets.io/v1
|
|
kind: ExternalSecret
|
|
metadata:
|
|
name: {{ include "cluster.recoverySecretName" . }}
|
|
namespace: {{ include "cluster.namespace" . }}
|
|
labels:
|
|
{{- include "cluster.labels" . | nindent 4 }}
|
|
app.kubernetes.io/name: {{ include "cluster.recoverySecretName" . }}
|
|
{{- with .Values.cluster.additionalLabels }}
|
|
{{- toYaml . | nindent 4 }}
|
|
{{- end }}
|
|
spec:
|
|
secretStoreRef:
|
|
kind: ClusterSecretStore
|
|
name: openbao
|
|
data:
|
|
- secretKey: ACCESS_REGION
|
|
remoteRef:
|
|
key: {{ .Values.recovery.objectStore.externalSecret.credentialPath | required "External Secret Credential local path is required" }}
|
|
property: ACCESS_REGION
|
|
- secretKey: ACCESS_KEY_ID
|
|
remoteRef:
|
|
key: {{ .Values.recovery.objectStore.externalSecret.credentialPath | required "External Secret Credential local path is required" }}
|
|
property: ACCESS_KEY_ID
|
|
- secretKey: ACCESS_SECRET_KEY
|
|
remoteRef:
|
|
key: {{ .Values.recovery.objectStore.externalSecret.credentialPath | required "External Secret Credential local path is required" }}
|
|
property: ACCESS_SECRET_KEY
|
|
{{- end }}
|