34 lines
1.3 KiB
YAML
34 lines
1.3 KiB
YAML
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: {{ include "exam.fullname" . }}-secrets
|
|
labels:
|
|
{{- include "exam.labels" . | nindent 4 }}
|
|
data:
|
|
{{- range $key, $val := .Values.secrets }}
|
|
{{ $key }}: {{ required "A value is required, configure .Values.secrets or create secrets.yaml" $val | b64enc | quote }}
|
|
{{- end }}
|
|
type: Opaque
|
|
---
|
|
{{- if .Values.ingress.ssl.enabled }}
|
|
{{- $secretName := printf "%s-crt" (include "exam.fullname" .) }}
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: {{ $secretName }}
|
|
labels:
|
|
{{- include "exam.labels" . | nindent 4 }}
|
|
type: kubernetes.io/tls
|
|
data:
|
|
{{- if (include "exam.createTlsSecret" . ) }}
|
|
{{- $ca := genCA "ingress-ca" 365 }}
|
|
{{- $fullname := (include "exam.host" . ) }}
|
|
{{- $cert := genSignedCert $fullname nil nil 365 $ca }}
|
|
tls.crt: {{ include "exam.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
|
|
tls.key: {{ include "exam.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
|
|
ca.crt: {{ include "exam.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
|
|
{{- else }}
|
|
tls.crt: {{ .Files.Get $.Values.ingress.ssl.cert | b64enc | quote }}
|
|
tls.key: {{ .Files.Get $.Values.ingress.ssl.key | b64enc | quote }}
|
|
{{- end }}
|
|
{{- end }} |