Skip to content

Commit be1dcd2

Browse files
spnnglspnngl
committed
feat(external-secrets-kit): first release
1 parent 2d54cf8 commit be1dcd2

File tree

6 files changed

+159
-0
lines changed

6 files changed

+159
-0
lines changed

charts/external-secrets-kit/.helmignore

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
# Patterns to ignore when building packages.
2+
# This supports shell glob matching, relative path matching, and
3+
# negation (prefixed with !). Only one pattern per line.
4+
.DS_Store
5+
# Common VCS dirs
6+
.git/
7+
.gitignore
8+
.bzr/
9+
.bzrignore
10+
.hg/
11+
.hgignore
12+
.svn/
13+
# Common backup files
14+
*.swp
15+
*.bak
16+
*.tmp
17+
*.orig
18+
*~
19+
# Various IDEs
20+
.project
21+
.idea/
22+
*.tmproj
23+
.vscode/

charts/external-secrets-kit/Chart.yaml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
apiVersion: v2
2+
name: external-secrets-kit
3+
description: A Helm chart to deploy a ClusterSecretStore and linked ExternalSecrets
4+
type: application
5+
# CRDs version
6+
appVersion: 0.16.1
7+
version: 0.0.1
8+
maintainers:
9+
- name: Wiremind
10+
url: https://github.com/wiremind/wiremind-helm-charts

charts/external-secrets-kit/templates/_helpers.tpl

Lines changed: 42 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,42 @@
1+
{{/*
2+
Expand the name of the chart.
3+
*/}}
4+
{{- define "kit.name" -}}
5+
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
6+
{{- end }}
7+
8+
{{/*
9+
Create a default fully qualified app name.
10+
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
11+
If release name contains chart name it will be used as a full name.
12+
*/}}
13+
{{- define "kit.fullname" -}}
14+
{{- if .Values.fullnameOverride }}
15+
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
16+
{{- else }}
17+
{{- $name := default .Chart.Name .Values.nameOverride }}
18+
{{- if contains $name .Release.Name }}
19+
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
20+
{{- else }}
21+
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
22+
{{- end }}
23+
{{- end }}
24+
{{- end }}
25+
26+
{{/*
27+
Create chart name and version as used by the chart label.
28+
*/}}
29+
{{- define "kit.chart" -}}
30+
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
31+
{{- end }}
32+
33+
{{/*
34+
Common labels
35+
*/}}
36+
{{- define "kit.labels" -}}
37+
helm.sh/chart: {{ include "kit.chart" . }}
38+
{{- if .Chart.AppVersion }}
39+
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
40+
{{- end }}
41+
app.kubernetes.io/managed-by: {{ .Release.Service }}
42+
{{- end }}

charts/external-secrets-kit/templates/clustersecretstore.yaml

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
---
2+
apiVersion: external-secrets.io/v1
3+
kind: ClusterSecretStore
4+
metadata:
5+
name: {{ .Values.store.name }}
6+
labels:
7+
{{- include "kit.labels" . | nindent 4 }}
8+
spec:
9+
conditions:
10+
- namespaceSelector:
11+
{{- with .Values.store.namespaceSelector }}
12+
{{- toYaml . | nindent 8 }}
13+
{{- end }}
14+
provider:
15+
{{- with .Values.store.provider }}
16+
{{- toYaml . | nindent 4 }}
17+
{{- end }}

charts/external-secrets-kit/templates/externalsecrets.yaml

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
{{- range $k, $v := .Values.secrets }}
2+
apiVersion: external-secrets.io/v1
3+
kind: ExternalSecret
4+
metadata:
5+
name: {{ $k }}
6+
labels:
7+
{{- include "kit.labels" $ | nindent 4 }}
8+
spec:
9+
{{ $v | toYaml | nindent 2 }}
10+
---
11+
{{- end }}

charts/external-secrets-kit/values.yaml

Lines changed: 56 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,56 @@
1+
store:
2+
name: "truc-common"
3+
4+
namespaceSelector: {}
5+
# matchLabels:
6+
# environment-kind: coucou
7+
# project: bidule
8+
9+
provider: {}
10+
# truc:
11+
# auth:
12+
# universalAuthCredentials:
13+
# clientId:
14+
# key: clientId
15+
# name: creds
16+
# namespace: default
17+
# clientSecret:
18+
# key: clientSecret
19+
# name: creds
20+
# namespace: default
21+
# hostAPI: https://truc.com
22+
# secretsScope:
23+
# environmentSlug: x
24+
# expandSecretReferences: true
25+
# projectSlug: x-xx-xxx
26+
# recursive: true
27+
# secretsPath: /common/
28+
29+
secrets: {}
30+
# secret1:
31+
# data:
32+
# - remoteRef:
33+
# conversionStrategy: Default
34+
# decodingStrategy: None
35+
# key: PASSWORD
36+
# metadataPolicy: None
37+
# secretKey: password
38+
# sourceRef:
39+
# storeRef:
40+
# kind: ClusterSecretStore
41+
# name: truc-common
42+
# refreshInterval: 1h
43+
# target:
44+
# creationPolicy: Owner
45+
# deletionPolicy: Retain
46+
# name: target-secret
47+
# template:
48+
# data:
49+
# MACHIN: >-
50+
# http://truc:{{ .password
51+
# }}@machin.default
52+
# CHOSE: >-
53+
# http://truc:{{ .password
54+
# }}@chose.default
55+
# engineVersion: v2
56+
# mergePolicy: Replace

0 commit comments

Comments
 (0)