From 6500963d0b783f6d1e0d3e63b488d6b143d1e5bc Mon Sep 17 00:00:00 2001
From: dvirlabs <dvirlabs@gmail.com>
Date: Thu, 22 May 2025 16:11:54 +0300
Subject: [PATCH] Fix kibana cr

---
 charts/eck-resources/templates/kibana.yaml | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/charts/eck-resources/templates/kibana.yaml b/charts/eck-resources/templates/kibana.yaml
index 3176bf5..b2853c4 100644
--- a/charts/eck-resources/templates/kibana.yaml
+++ b/charts/eck-resources/templates/kibana.yaml
@@ -13,27 +13,25 @@ spec:
       oidc.oidc1:
         order: 0
         realm: "keycloak"
+{{- if and .Values.oidc .Values.oidc.existingSecret }}
+    {{- $secret := lookup "v1" "Secret" "monitoring" .Values.oidc.existingSecret }}
+    {{- $clientSecret := (hasKey $secret.data "clientSecret") | ternary ($secret.data.clientSecret | b64dec | quote) "\"\"" }}
     xpack.security.authc.oidc.realms.keycloak:
       order: 0
       rp.client_id: "kibana"
       rp.response_type: "code"
       rp.redirect_uri: "https://{{ .Values.host }}/api/security/oidc/callback"
       rp.post_logout_redirect_uri: "https://{{ .Values.host }}"
-{{- if and .Values.oidc .Values.oidc.existingSecret }}
-      rp.client_secret: {{ (lookup "v1" "Secret" "monitoring" .Values.oidc.existingSecret).data.clientSecret | b64dec | quote }}
+      rp.client_secret: {{ $clientSecret }}
       idp.metadata_url: "https://keycloak.dvirlabs.com/realms/{{ .Values.oidc.realm }}/.well-known/openid-configuration"
       idp.entity_id: "https://keycloak.dvirlabs.com/realms/{{ .Values.oidc.realm }}"
-{{- else }}
-      rp.client_secret: ""
-      idp.metadata_url: ""
-      idp.entity_id: ""
-{{- end }}
       claim_patterns.principal: "preferred_username"
       claim_patterns.groups: "roles"
+{{- end }}
   http:
     tls:
       selfSignedCertificate:
         disabled: true
     service:
       spec:
-        type: ClusterIP
\ No newline at end of file
+        type: ClusterIP