The template takes two arguments:
- .global: environment (.)
- .name: name of the secret
+ - .annotations: annotations which should be used
Example call:
{{ include "common.secret._header" (dict "global" . "name" "myFancyName") }}
chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}
release: {{ include "common.release" $global }}
heritage: {{ $global.Release.Service }}
+{{- if .annotations }}
+ annotations: {{- include "common.tplValue" (dict "value" .annotations "context" $global) | nindent 4 }}
+{{- end }}
type: Opaque
{{- end -}}
{{/*
- For internal use only!
-
Generate a secret name based on provided name or UID.
If UID is provided then the name is generated by appending this UID right after
the chart name. If name is provided, it overrides the name generation algorith
- .name: string that can be used to override default name generation algorithm
and provide a custom name for the secret
*/}}
-{{- define "common.secret._genName" -}}
+{{- define "common.secret.genName" -}}
{{- $global := .global }}
{{- $uid := tpl (default "" .uid) $global }}
{{- $name := tpl (default "" .name) $global }}
- {{- default (printf "%s-%s" (include "common.fullname" $global) $uid) $name }}
+ {{- $fullname := ne (default "" .chartName) "" | ternary (include "common.fullnameExplicit" (dict "dot" $global "chartName" .chartName)) (include "common.fullname" $global) }}
+ {{- default (printf "%s-%s" $fullname $uid) $name }}
{{- end -}}
{{/*
*/}}
{{- define "common.secret.getSecretName" -}}
{{- $global := .global }}
- {{- $targetName := include "common.secret._genName" (dict "global" $global "uid" .uid "name" .name) }}
+ {{- $name := tpl (default "" .name) $global }}
+ {{- $uid := tpl (default "" .uid) $global }}
+ {{- $targetName := default (include "common.secret.genName" (dict "global" $global "uid" $uid "name" .name)) $name}}
{{- range $secret := $global.Values.secrets }}
- {{- $currName := include "common.secret._genName" (dict "global" $global "uid" $secret.uid "name" $secret.name) }}
- {{- if eq $currName $targetName }}
+ {{- $givenName := tpl (default "" $secret.name) $global }}
+ {{- $currUID := tpl (default "" $secret.uid) $global }}
+ {{- $currName := default (include "common.secret.genName" (dict "global" $global "uid" $currUID "name" $secret.name)) $givenName }}
+ {{- if or (eq $uid $currUID) (eq $currName $targetName) }}
{{- $externalSecret := tpl (default "" $secret.externalSecret) $global }}
{{- default $currName $externalSecret }}
{{- end }}
- name:
Overrides default secret name generation and allows to set immutable
and globaly unique name
+ - annotations:
+ List of annotations to be used while defining a secret
To allow sharing a secret between the components and allow to pre-deploy secrets
before ONAP deployment it is possible to use already existing secret instead of
{{- define "common.secret" -}}
{{- $global := . }}
{{- range $secret := .Values.secrets }}
- {{- $name := include "common.secret._genName" (dict "global" $global "uid" $secret.uid "name" $secret.name) }}
+ {{- $uid := tpl (default "" $secret.uid) $global }}
+ {{- $name := include "common.secret.genName" (dict "global" $global "uid" $uid "name" $secret.name) }}
+ {{- $annotations := default "" $secret.annotations }}
{{- $type := default "generic" $secret.type }}
{{- $externalSecret := tpl (default "" $secret.externalSecret) $global }}
{{- if not $externalSecret }}
---
- {{ include "common.secret._header" (dict "global" $global "name" $name) }}
+ {{ include "common.secret._header" (dict "global" $global "name" $name "annotations" $annotations) }}
{{- if eq $type "generic" }}
data: