41 lines
1.3 KiB
YAML
41 lines
1.3 KiB
YAML
{{- /*
|
|
Create secrets if they don't exist
|
|
*/ -}}
|
|
|
|
{{- /* Sensitive Properties Key Secret */ -}}
|
|
{{- $sensitiveKeySecretName := default "encryption-sensitive-key" .Values.global.encryption.sensitivePropertiesKey.secretRef.name -}}
|
|
{{- $existingSensitiveKey := (lookup "v1" "Secret" .Release.Namespace $sensitiveKeySecretName) -}}
|
|
{{- if not $existingSensitiveKey }}
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: {{ $sensitiveKeySecretName }}
|
|
labels:
|
|
{{- include "nifi.labels" . | nindent 4 }}
|
|
annotations:
|
|
"helm.sh/resource-policy": "keep"
|
|
type: Opaque
|
|
data:
|
|
{{ .Values.global.encryption.sensitivePropertiesKey.secretRef.key }}: {{ randAlphaNum 32 | b64enc | quote }}
|
|
{{- end }}
|
|
|
|
{{- /* Keystore Password Secret */ -}}
|
|
{{- $keystorePasswordSecretName := default "certificate-keystore-password" .Values.global.tls.certificate.keystorePasswordSecretRef.name -}}
|
|
{{- $existingKeystorePassword := (lookup "v1" "Secret" .Release.Namespace $keystorePasswordSecretName) -}}
|
|
{{- if not $existingKeystorePassword }}
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: {{ $keystorePasswordSecretName }}
|
|
labels:
|
|
{{- include "nifi.labels" . | nindent 4 }}
|
|
annotations:
|
|
"helm.sh/resource-policy": "keep"
|
|
type: Opaque
|
|
data:
|
|
{{ .Values.global.tls.certificate.keystorePasswordSecretRef.key }}: {{ randAlphaNum 32 | b64enc | quote }}
|
|
{{- end }}
|
|
|