{{- if .Values.hyperlane.relayer.enabled }} apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret metadata: name: {{ include "agent-common.fullname" . }}-relayer-external-secret labels: {{- include "agent-common.labels" . | nindent 4 }} annotations: update-on-redeploy: "{{ now }}" spec: secretStoreRef: name: {{ include "agent-common.cluster-secret-store.name" . }} kind: ClusterSecretStore refreshInterval: "1h" # The secret that will be created target: name: {{ include "agent-common.fullname" . }}-relayer-secret template: type: Opaque metadata: labels: {{- include "agent-common.labels" . | nindent 10 }} data: {{- range .Values.hyperlane.relayerChains }} {{- if eq .signer.type "hexKey" }} HYP_BASE_CHAINS_{{ .name | upper }}_SIGNER_KEY: {{ printf "'{{ .%s_signer_key | toString }}'" .name }} {{- end }} {{- end }} {{- if .Values.hyperlane.relayer.aws }} AWS_ACCESS_KEY_ID: {{ print "'{{ .aws_access_key_id | toString }}'" }} AWS_SECRET_ACCESS_KEY: {{ print "'{{ .aws_secret_access_key | toString }}'" }} {{- end }} data: {{- range .Values.hyperlane.relayerChains }} {{- if eq .signer.type "hexKey" }} - secretKey: {{ printf "%s_signer_key" .name }} remoteRef: key: {{ printf "%s-%s-key-%s-relayer" $.Values.hyperlane.context $.Values.hyperlane.runEnv $.Values.hyperlane.relayer.config.originChainName }} property: privateKey {{- end }} {{- end }} {{- if .Values.hyperlane.relayer.aws }} - secretKey: aws_access_key_id remoteRef: key: {{ printf "%s-%s-%s-relayer-aws-access-key-id" .Values.hyperlane.context .Values.hyperlane.runEnv .Values.hyperlane.relayer.config.originChainName }} - secretKey: aws_secret_access_key remoteRef: key: {{ printf "%s-%s-%s-relayer-aws-secret-access-key" .Values.hyperlane.context .Values.hyperlane.runEnv .Values.hyperlane.relayer.config.originChainName }} {{- end }} {{- end }}