The home for Hyperlane core contracts, sdk packages, and other infrastructure
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 
hyperlane-monorepo/rust/helm/hyperlane-agent/templates/external-secret.yaml

48 lines
1.8 KiB

apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: {{ include "agent-common.fullname" . }}-external-secret
labels:
{{- include "agent-common.labels" . | nindent 4 }}
annotations:
update-on-redeploy: "{{ now }}"
spec:
secretStoreRef:
name: {{ include "agent-common.secret-store.name" . }}
kind: {{ .Values.externalSecrets.storeType }}
refreshInterval: "1h"
# The secret that will be created
target:
name: {{ include "agent-common.fullname" . }}-secret
template:
type: Opaque
metadata:
labels:
{{- include "agent-common.labels" . | nindent 10 }}
data:
{{- /*
* For each network, create an environment variable with the RPC endpoint.
* The templating of external-secrets will use the data section below to know how
* to replace the correct value in the created secret.
*/}}
{{- range .Values.hyperlane.chains }}
HYP_CHAINS_{{ .name | upper }}_CUSTOMRPCURLS: {{ printf "'{{ .%s_rpcs | mustFromJson | join \",\" }}'" .name }}
{{- if eq .protocol "cosmos" }}
HYP_CHAINS_{{ .name | upper }}_CUSTOMGRPCURLS: {{ printf "'{{ .%s_grpcs | mustFromJson | join \",\" }}'" .name }}
{{- end }}
{{- end }}
data:
{{- /*
* For each network, load the secret in GCP secret manager with the form: environment-rpc-endpoints-network,
* and associate it with the secret key networkname_rpcs.
*/}}
{{- range .Values.hyperlane.chains }}
- secretKey: {{ printf "%s_rpcs" .name }}
remoteRef:
key: {{ printf "%s-rpc-endpoints-%s" $.Values.hyperlane.runEnv .name }}
{{- if eq .protocol "cosmos" }}
- secretKey: {{ printf "%s_grpcs" .name }}
remoteRef:
key: {{ printf "%s-grpc-endpoints-%s" $.Values.hyperlane.runEnv .name }}
{{- end }}
{{- end }}