- name: {{ $envName }}
value: {{ tpl $envValue $global | quote }}
{{- else }}
- {{ if or (not $envValue.secretUid) (not $envValue.key) }}
- {{ fail (printf "Env %s definition is not a string and does not contain secretUid or key fields" $envName) }}
- {{- end }}
+ {{- if and (hasKey $envValue "externalSecret") ($envValue.externalSecret) }}
+- name: {{ $envName }}
+ valueFrom:
+ secretKeyRef:
+ name: {{ tpl $envValue.externalSecretUid $global | quote }}
+ key: {{ tpl $envValue.key $global | quote }}
+ {{- else }}
+ {{ if or (not $envValue.secretUid) (not $envValue.key) }}
+ {{ fail (printf "Env %s definition is not a string and does not contain secretUid or key fields" $envName) }}
+ {{- end }}
- name: {{ $envName }}
{{- include "common.secret.envFromSecretFast" (dict "global" $global "uid" $envValue.secretUid "key" $envValue.key) | indent 2 }}
+ {{- end }}
{{- end -}}
{{- end }}
{{- end }}
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- resources: {{ include "common.resources" . | nindent 2 }}
+ resources: {{ include "common.resources" . | nindent 10 }}
volumeMounts:
- mountPath: /opt/app/osaaf
name: tls-info
{{- end }}
{{- end }}
{{- end }}
- resources: {{ include "common.resources" . | nindent 2 }}
+ resources: {{ include "common.resources" . | nindent 10 }}
volumeMounts:
- mountPath: /app-config
name: {{ ternary "app-config-input" "app-config" (not $drFeedConfig) }}
- name: POLICY_SYNC_DURATION
value: "{{ $policy.duration }}"
{{- end }}
- resources: {{ include "common.resources" . | nindent 2 }}
+ resources: {{ include "common.resources" . | nindent 10 }}
volumeMounts:
- mountPath: /etc/policies
name: policy-shared