Merge pull request OneUptime#1725 from fzamperin/master

Refactor changing secret values from data to stringData
yonasBSD · Oct 1, 2024 · cc0670c · cc0670c
2 parents 0733c15 + 8727914
commit cc0670c
Showing 1 changed file with 20 additions and 21 deletions.
diff --git a/HelmChart/Public/oneuptime/templates/secrets.yaml b/HelmChart/Public/oneuptime/templates/secrets.yaml
@@ -5,33 +5,32 @@ metadata:
   annotations:
     "helm.sh/resource-policy": "keep"
 type: Opaque
-data:
+stringData:
   ## Secrets Change when the release is upgraded
   ## https://github.com/helm/helm-www/issues/1259
   ## This is a workaround to keep the secrets unchanged
   {{- if .Release.IsUpgrade }}
 
-  internal-smtp: {{ index (lookup "v1" "Secret" $.Release.Namespace (printf "%s-secrets" $.Release.Name)).data "internal-smtp" }}
-  oneuptime-secret: {{ index (lookup "v1" "Secret" $.Release.Namespace (printf "%s-secrets" $.Release.Name)).data "oneuptime-secret" }}
-  encryption-secret: {{ index (lookup "v1" "Secret" $.Release.Namespace (printf "%s-secrets" $.Release.Name)).data "encryption-secret" }}
+  internal-smtp: {{ index (lookup "v1" "Secret" $.Release.Namespace (printf "%s-secrets" $.Release.Name)).data "internal-smtp" | b64dec }}
+  oneuptime-secret: {{ index (lookup "v1" "Secret" $.Release.Namespace (printf "%s-secrets" $.Release.Name)).data "oneuptime-secret" | b64dec }}
+  encryption-secret: {{ index (lookup "v1" "Secret" $.Release.Namespace (printf "%s-secrets" $.Release.Name)).data "encryption-secret" | b64dec }}
 
   {{- range $key, $val := $.Values.probes }}
   {{- if (index (lookup "v1" "Secret" $.Release.Namespace (printf "%s-secrets" $.Release.Name)).data (printf "probe-%s" $key)) }}
-  {{printf "probe-%s" $key}}: {{ (index (lookup "v1" "Secret" $.Release.Namespace (printf "%s-secrets" $.Release.Name)).data (printf "probe-%s" $key)) }}
+  {{printf "probe-%s" $key}}: {{ (index (lookup "v1" "Secret" $.Release.Namespace (printf "%s-secrets" $.Release.Name)).data (printf "probe-%s" $key) | b64dec) }}
   {{ else }}
-  {{printf "probe-%s" $key}}: {{ randAlphaNum 32 | b64enc | quote }}
+  {{printf "probe-%s" $key}}: {{ randAlphaNum 32 | quote }}
   {{- end }}
   {{- end }}
 
   {{ else }} # install operation
 
-  internal-smtp: {{ randAlphaNum 32 | b64enc | quote }}
-  oneuptime-secret: {{ randAlphaNum 32 | b64enc | quote }}
-  encryption-secret: {{ randAlphaNum 32 | b64enc | quote }}
-
+  internal-smtp: {{ randAlphaNum 32 | quote }}
+  oneuptime-secret: {{ randAlphaNum 32 | quote }}
+  encryption-secret: {{ randAlphaNum 32 | quote }}
 
   {{- range $key, $val := $.Values.probes }}
-  {{printf "probe-%s" $key}}: {{ randAlphaNum 32 | b64enc | quote }}
+  {{printf "probe-%s" $key}}: {{ randAlphaNum 32 | quote }}
   {{- end }}
 
   {{ end }}
@@ -46,27 +45,27 @@ metadata:
   annotations:
     "helm.sh/resource-policy": "keep"
 type: Opaque
-data:
+stringData:
 
   key: "postgres"
 
   {{- if $.Values.externalPostgres.password }}
   ## Add secret here for externalPostgresPassword
-  password: {{ $.Values.externalPostgres.password | b64enc | quote }}
+  password: {{ $.Values.externalPostgres.password | quote }}
   {{- end }}
 
   {{- if $.Values.externalPostgres.ssl.enabled -}}
   ## Add secret here for externalPostgresPassword
   {{- if $.Values.externalPostgres.ssl.ca }}
-  ssl-ca: {{ printf "%s" $.Values.externalPostgres.ssl.ca | b64enc | quote }}
+  ssl-ca: {{ printf "%s" $.Values.externalPostgres.ssl.ca | quote }}
   {{- end }}
 
   {{- if $.Values.externalPostgres.ssl.cert }}
-  ssl-cert: {{ printf "%s" $.Values.externalPostgres.ssl.cert | b64enc | quote }}
+  ssl-cert: {{ printf "%s" $.Values.externalPostgres.ssl.cert | quote }}
   {{- end }}
 
   {{- if $.Values.externalPostgres.ssl.key }}
-  ssl-key: {{ printf "%s" $.Values.externalPostgres.ssl.key | quote | b64enc | quote }}
+  ssl-key: {{ printf "%s" $.Values.externalPostgres.ssl.key | quote }}
   {{- end }}
 
   {{- end -}}
@@ -84,28 +83,28 @@ metadata:
   annotations:
     "helm.sh/resource-policy": "keep"
 type: Opaque
-data:
+stringData:
 
   key: "redis"
   {{- if $.Values.externalRedis.password }}
   ## Add secret here for externalRedisPassword
-  password: {{ $.Values.externalRedis.password | b64enc | quote }}
+  password: {{ $.Values.externalRedis.password | quote }}
   {{- end }}
 
   {{- if $.Values.externalRedis.tls.enabled -}}
 
   ## Add secret here for externalRedisPassword
   {{- if $.Values.externalRedis.tls.ca }}
-  tls-ca: {{ printf "%s" $.Values.externalRedis.tls.ca | b64enc | quote }}
+  tls-ca: {{ printf "%s" $.Values.externalRedis.tls.ca | quote }}
   {{- end }}
 
 
   {{- if $.Values.externalRedis.tls.cert }}
-  tls-cert: {{ printf "%s" $.Values.externalRedis.tls.cert | b64enc | quote }}
+  tls-cert: {{ printf "%s" $.Values.externalRedis.tls.cert | quote }}
   {{- end }}
 
   {{- if $.Values.externalRedis.tls.key }}
-  tls-key: {{ printf "%s" $.Values.externalRedis.tls.key | quote | b64enc | quote }}
+  tls-key: {{ printf "%s" $.Values.externalRedis.tls.key | quote }}
   {{- end }}
 
   {{- end -}}