The home for Hyperlane core contracts, sdk packages, and other infrastructure
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
hyperlane-monorepo/rust/helm/hyperlane-agent/templates/relayer-external-secret.yaml

59 lines
2.5 KiB

{{- if .Values.hyperlane.relayer.enabled }}
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: {{ include "agent-common.fullname" . }}-relayer-external-secret
labels:
{{- include "agent-common.labels" . | nindent 4 }}
annotations:
update-on-redeploy: "{{ now }}"
spec:
secretStoreRef:
name: {{ include "agent-common.cluster-secret-store.name" . }}
kind: ClusterSecretStore
refreshInterval: "1h"
# The secret that will be created
target:
name: {{ include "agent-common.fullname" . }}-relayer-secret
template:
type: Opaque
metadata:
labels:
{{- include "agent-common.labels" . | nindent 10 }}
data:
{{- range .Values.hyperlane.relayer.signers }}
{{- if eq .keyConfig.type "hexKey" }}
HYP_BASE_SIGNERS_{{ .name | upper }}_KEY: {{ printf "'{{ .%s_signer_key | toString }}'" .name }}
{{- end }}
{{- end }}
{{- if .Values.hyperlane.relayer.aws }}
AWS_ACCESS_KEY_ID: {{ print "'{{ .aws_access_key_id | toString }}'" }}
AWS_SECRET_ACCESS_KEY: {{ print "'{{ .aws_secret_access_key | toString }}'" }}
{{- end }}
{{- if eq .Values.hyperlane.relayer.config.gasPaymentEnforcementPolicy.type "meetsEstimatedCost" }}
HYP_RELAYER_GASPAYMENTENFORCEMENTPOLICY_COINGECKOAPIKEY: {{ print "'{{ .coingecko_api_key | toString }}'" }}
{{- end }}
data:
{{- range .Values.hyperlane.relayer.signers }}
{{- if eq .keyConfig.type "hexKey" }}
- secretKey: {{ printf "%s_signer_key" .name }}
remoteRef:
key: {{ printf "%s-%s-key-%s-relayer" $.Values.hyperlane.context $.Values.hyperlane.runEnv $.Values.hyperlane.relayer.config.originChainName }}
property: privateKey
{{- end }}
{{- end }}
{{- if .Values.hyperlane.relayer.aws }}
- secretKey: aws_access_key_id
remoteRef:
key: {{ printf "%s-%s-%s-relayer-aws-access-key-id" .Values.hyperlane.context .Values.hyperlane.runEnv .Values.hyperlane.relayer.config.originChainName }}
- secretKey: aws_secret_access_key
remoteRef:
key: {{ printf "%s-%s-%s-relayer-aws-secret-access-key" .Values.hyperlane.context .Values.hyperlane.runEnv .Values.hyperlane.relayer.config.originChainName }}
{{- end }}
{{- if eq .Values.hyperlane.relayer.config.gasPaymentEnforcementPolicy.type "meetsEstimatedCost" }}
- secretKey: coingecko_api_key
remoteRef:
key: {{ printf "%s-coingecko-api-key" .Values.hyperlane.runEnv }}
{{- end }}
{{- end }}