32 lines
1.3 KiB
YAML
32 lines
1.3 KiB
YAML
{{- if .Values.controller.admin.externalSecret.enabled }}
|
|
{{- $es := .Values.controller.admin.externalSecret }}
|
|
{{- $rr := $es.remoteRef | default dict }}
|
|
{{- $sk := $rr.secretKey | default "password" }}
|
|
apiVersion: external-secrets.io/v1beta1
|
|
kind: ExternalSecret
|
|
metadata:
|
|
name: {{ include "jenkins.fullname" . }}-admin-vault
|
|
namespace: {{ template "jenkins.namespace" . }}
|
|
labels:
|
|
{{- include "jenkins.labels" . | nindent 4 }}
|
|
spec:
|
|
refreshInterval: {{ $es.refreshInterval | default "1h" | quote }}
|
|
secretStoreRef:
|
|
name: {{ $es.secretStoreRef.name }}
|
|
kind: {{ $es.secretStoreRef.kind | default "ClusterSecretStore" }}
|
|
target:
|
|
name: {{ .Values.controller.admin.existingSecret | default "jenkins-admin" | quote }}
|
|
creationPolicy: Owner
|
|
template:
|
|
engineVersion: v2
|
|
mergePolicy: Replace
|
|
data:
|
|
{{ .Values.controller.admin.userKey | default "jenkins-admin-user" | quote }}: {{ .Values.controller.admin.username | default "admin" | quote }}
|
|
{{ .Values.controller.admin.passwordKey | default "jenkins-admin-password" | quote }}: {{ printf "{{ .%s }}" $sk | quote }}
|
|
data:
|
|
- secretKey: {{ $sk | quote }}
|
|
remoteRef:
|
|
key: {{ $rr.key | quote }}
|
|
property: {{ $rr.property | quote }}
|
|
{{- end }}
|