feat(helm): Support configurable SecretStore type (#2257)

### Description

This PR makes the SecretStore type as configurable for all external
secrets instead of using fixed `ClusterSecretStore` type.

### Drive-by changes

_Are there any minor or drive-by changes also included?_

### Related issues

- Fixes #[issue number here]

### Backward compatibility

_Are these changes backward compatible?_

No
`externalSecrets.clusterSecretStore` should be replaced with
`externalSecrets.StoreName` in the values.

_Are there any infrastructure implications, e.g. changes that would
prohibit deploying older commits using this infra tooling?_

None

### Testing

_What kind of testing have these changes undergone?_

Manual

Signed-off-by: josedev-union <josedev-union@users.noreply.github.com>
Co-authored-by: josedev-union <josedev-union@users.noreply.github.com>
pull/2294/head
josedev-union 1 year ago committed by GitHub
parent ec63ed19c5
commit 8a12608220
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 6
      rust/helm/agent-common/templates/_helpers.tpl
  2. 4
      rust/helm/hyperlane-agent/templates/external-secret.yaml
  3. 4
      rust/helm/hyperlane-agent/templates/relayer-external-secret.yaml
  4. 4
      rust/helm/hyperlane-agent/templates/scraper-external-secret.yaml
  5. 4
      rust/helm/hyperlane-agent/templates/validator-external-secret.yaml
  6. 5
      rust/helm/hyperlane-agent/values.yaml

@ -65,10 +65,10 @@ Create the name of the service account to use
{{- end }} {{- end }}
{{/* {{/*
The name of the ClusterSecretStore The name of the ClusterSecretStore/SecretStore
*/}} */}}
{{- define "agent-common.cluster-secret-store.name" -}} {{- define "agent-common.secret-store.name" -}}
{{- default "external-secrets-gcp-cluster-secret-store" .Values.externalSecrets.clusterSecretStore }} {{- default "external-secrets-gcp-cluster-secret-store" .Values.externalSecrets.StoreName }}
{{- end }} {{- end }}
{{/* {{/*

@ -8,8 +8,8 @@ metadata:
update-on-redeploy: "{{ now }}" update-on-redeploy: "{{ now }}"
spec: spec:
secretStoreRef: secretStoreRef:
name: {{ include "agent-common.cluster-secret-store.name" . }} name: {{ include "agent-common.secret-store.name" . }}
kind: ClusterSecretStore kind: {{ .Values.externalSecrets.StoreType }}
refreshInterval: "1h" refreshInterval: "1h"
# The secret that will be created # The secret that will be created
target: target:

@ -9,8 +9,8 @@ metadata:
update-on-redeploy: "{{ now }}" update-on-redeploy: "{{ now }}"
spec: spec:
secretStoreRef: secretStoreRef:
name: {{ include "agent-common.cluster-secret-store.name" . }} name: {{ include "agent-common.secret-store.name" . }}
kind: ClusterSecretStore kind: {{ .Values.externalSecrets.StoreType }}
refreshInterval: "1h" refreshInterval: "1h"
# The secret that will be created # The secret that will be created
target: target:

@ -9,8 +9,8 @@ metadata:
update-on-redeploy: "{{ now }}" update-on-redeploy: "{{ now }}"
spec: spec:
secretStoreRef: secretStoreRef:
name: {{ include "agent-common.cluster-secret-store.name" . }} name: {{ include "agent-common.secret-store.name" . }}
kind: ClusterSecretStore kind: {{ .Values.externalSecrets.StoreType }}
refreshInterval: "1h" refreshInterval: "1h"
# The secret that will be created # The secret that will be created
target: target:

@ -9,8 +9,8 @@ metadata:
update-on-redeploy: "{{ now }}" update-on-redeploy: "{{ now }}"
spec: spec:
secretStoreRef: secretStoreRef:
name: {{ include "agent-common.cluster-secret-store.name" . }} name: {{ include "agent-common.secret-store.name" . }}
kind: ClusterSecretStore kind: {{ .Values.externalSecrets.StoreType }}
refreshInterval: "1h" refreshInterval: "1h"
# The secret that will be created # The secret that will be created
target: target:

@ -12,8 +12,11 @@ serviceAccount:
annotations: {} annotations: {}
name: '' name: ''
# -- External Secret Store type and name
externalSecrets: externalSecrets:
clusterSecretStore: # Available types: SecretStore, ClusterSecretStore
StoreType: ClusterSecretStore
StoreName:
podAnnotations: {} podAnnotations: {}
podCommonLabels: {} podCommonLabels: {}

Loading…
Cancel
Save