You've already forked reposilite-charts
feat(secret): support annotations and labels for the basic auth secret
All checks were successful
Helm / helm-lint (push) Successful in 6s
Helm / helm-unittest (push) Successful in 6s
Generate README / generate-parameters (push) Successful in 28s
Markdown linter / markdown-link-checker (push) Successful in 18s
Release / publish-chart (push) Successful in 8s
Markdown linter / markdown-lint (push) Successful in 28s
All checks were successful
Helm / helm-lint (push) Successful in 6s
Helm / helm-unittest (push) Successful in 6s
Generate README / generate-parameters (push) Successful in 28s
Markdown linter / markdown-link-checker (push) Successful in 18s
Release / publish-chart (push) Successful in 8s
Markdown linter / markdown-lint (push) Successful in 28s
This commit is contained in:
@@ -27,8 +27,8 @@
|
||||
{{- end }}
|
||||
|
||||
{{- if or (eq (include "reposilite.podMonitor.enabled" $ ) "true") (eq (include "reposilite.serviceMonitor.enabled" $ ) "true") -}}
|
||||
{{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_USER" "valueFrom" (dict "secretKeyRef" (dict "name" (include "reposilite.secrets.prometheusBasicAuth.name" $) "key" "username")))) }}
|
||||
{{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_PASSWORD" "valueFrom" (dict "secretKeyRef" (dict "name" (include "reposilite.secrets.prometheusBasicAuth.name" $) "key" "password")))) }}
|
||||
{{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_USER" "valueFrom" (dict "secretKeyRef" (dict "name" (include "reposilite.secrets.prometheusBasicAuth.name" $) "key" (include "reposilite.secrets.prometheusBasicAuth.usernameKey" $))))) }}
|
||||
{{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_PASSWORD" "valueFrom" (dict "secretKeyRef" (dict "name" (include "reposilite.secrets.prometheusBasicAuth.name" $) "key" (include "reposilite.secrets.prometheusBasicAuth.passwordKey" $))))) }}
|
||||
{{- end }}
|
||||
|
||||
{{ toYaml (dict "env" $env) }}
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
|
||||
{{- define "reposilite.pod.annotations" -}}
|
||||
{{ include "reposilite.annotations" . }}
|
||||
{{- if .Values.prometheus.metrics.enabled -}}
|
||||
{{- if and .Values.prometheus.metrics.enabled (not .Values.prometheus.metrics.secret.existing.enabled) -}}
|
||||
{{- printf "checksum/secret-%s: %s" (include "reposilite.secrets.prometheusBasicAuth.name" $) (include (print $.Template.BasePath "/secretPrometheusBasicAuth.yaml") . | sha256sum) }}
|
||||
{{- end -}}
|
||||
{{- end }}
|
||||
|
||||
@@ -4,16 +4,50 @@
|
||||
|
||||
{{- define "reposilite.secrets.prometheusBasicAuth.annotations" -}}
|
||||
{{ include "reposilite.annotations" . }}
|
||||
{{- if .Values.prometheus.metrics.secret.new.annotations }}
|
||||
{{ toYaml .Values.prometheus.metrics.secret.new.annotations }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/* labels */}}
|
||||
|
||||
{{- define "reposilite.secrets.prometheusBasicAuth.labels" -}}
|
||||
{{ include "reposilite.labels" . }}
|
||||
{{- if .Values.prometheus.metrics.secret.new.labels }}
|
||||
{{ toYaml .Values.prometheus.metrics.secret.new.labels }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/* names */}}
|
||||
|
||||
{{- define "reposilite.secrets.prometheusBasicAuth.name" -}}
|
||||
{{ include "reposilite.fullname" . }}-basic-auth-credentials
|
||||
{{- end -}}
|
||||
{{- if and .Values.prometheus.metrics.secret.existing.enabled (gt (len .Values.prometheus.metrics.secret.existing.secretName) 0) }}
|
||||
{{- print .Values.prometheus.metrics.secret.existing.secretName -}}
|
||||
{{- else if and .Values.prometheus.metrics.secret.existing.enabled (eq (len .Values.prometheus.metrics.secret.existing.secretName) 0) }}
|
||||
{{ fail "Name of the existing secret that contains the credentials for basic auth is not defined!" }}
|
||||
{{- else if not .Values.prometheus.metrics.secret.existing.enabled }}
|
||||
{{- printf "%s-basic-auth-credentials" (include "reposilite.fullname" $) -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/* secretKeyNames */}}
|
||||
|
||||
{{- define "reposilite.secrets.prometheusBasicAuth.passwordKey" -}}
|
||||
{{- if and .Values.prometheus.metrics.secret.existing.enabled (gt (len .Values.prometheus.metrics.secret.existing.basicAuthPasswordKey) 0) -}}
|
||||
{{- .Values.prometheus.metrics.secret.existing.basicAuthPasswordKey -}}
|
||||
{{- else if and .Values.prometheus.metrics.secret.existing.enabled (eq (len .Values.prometheus.metrics.secret.existing.basicAuthPasswordKey) 0) }}
|
||||
{{ fail "Name of the key in the secret that contains the password for basic auth is not defined!" }}
|
||||
{{- else if and (not .Values.prometheus.metrics.secret.existing.enabled) }}
|
||||
{{- print "password" -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{- define "reposilite.secrets.prometheusBasicAuth.usernameKey" -}}
|
||||
{{- if and .Values.prometheus.metrics.secret.existing.enabled (gt (len .Values.prometheus.metrics.secret.existing.basicAuthUsernameKey) 0) -}}
|
||||
{{- .Values.prometheus.metrics.secret.existing.basicAuthUsernameKey -}}
|
||||
{{- else if and .Values.prometheus.metrics.secret.existing.enabled (eq (len .Values.prometheus.metrics.secret.existing.basicAuthUsernameKey) 0) }}
|
||||
{{ fail "Name of the key in the secret that contains the username for basic auth is not defined!" }}
|
||||
{{- else if and (not .Values.prometheus.metrics.secret.existing.enabled) }}
|
||||
{{- print "username" -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
@@ -17,10 +17,10 @@ spec:
|
||||
podMetricsEndpoints:
|
||||
- basicAuth:
|
||||
password:
|
||||
key: password
|
||||
key: {{ include "reposilite.secrets.prometheusBasicAuth.passwordKey" . }}
|
||||
name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }}
|
||||
username:
|
||||
key: username
|
||||
key: {{ include "reposilite.secrets.prometheusBasicAuth.usernameKey" . }}
|
||||
name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }}
|
||||
enableHttp2: {{ required "The enableHttp2 option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.enableHttp2 }}
|
||||
followRedirects: {{ required "The followRedirects option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.followRedirects }}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
{{- if .Values.prometheus.metrics.enabled }}
|
||||
{{- if and .Values.prometheus.metrics.enabled (not .Values.prometheus.metrics.secret.existing.enabled) }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
@@ -14,6 +14,6 @@ metadata:
|
||||
name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
stringData:
|
||||
password: {{ default (randAlphaNum 16) .Values.prometheus.metrics.basicAuthPassword }}
|
||||
username: {{ default (randAlphaNum 16) .Values.prometheus.metrics.basicAuthUsername }}
|
||||
password: {{ default (randAlphaNum 16) .Values.prometheus.metrics.secret.new.basicAuthPassword }}
|
||||
username: {{ default (randAlphaNum 16) .Values.prometheus.metrics.secret.new.basicAuthUsername }}
|
||||
{{- end }}
|
||||
|
||||
@@ -17,10 +17,10 @@ spec:
|
||||
endpoints:
|
||||
- basicAuth:
|
||||
password:
|
||||
key: password
|
||||
key: {{ include "reposilite.secrets.prometheusBasicAuth.passwordKey" . }}
|
||||
name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }}
|
||||
username:
|
||||
key: username
|
||||
key: {{ include "reposilite.secrets.prometheusBasicAuth.usernameKey" . }}
|
||||
name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }}
|
||||
enableHttp2: {{ required "The enableHttp2 option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.enableHttp2 }}
|
||||
followRedirects: {{ required "The followRedirects option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.followRedirects }}
|
||||
|
||||
Reference in New Issue
Block a user