X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fcommon%2Fcommon%2Ftemplates%2F_secret.yaml;h=9f41906c9ed36a97ed3fcdc7a63a5265a460030e;hb=784fbfdf57b6e5a11aadb8e4fc2080c026f9944e;hp=0aff3a647b7534ebf3f75801d8e016a4602f975a;hpb=1155349e7b7dafc81ad94a5e48423e8aaf6fb7f2;p=oom.git diff --git a/kubernetes/common/common/templates/_secret.yaml b/kubernetes/common/common/templates/_secret.yaml index 0aff3a647b..9f41906c9e 100644 --- a/kubernetes/common/common/templates/_secret.yaml +++ b/kubernetes/common/common/templates/_secret.yaml @@ -22,6 +22,7 @@ The template takes two arguments: - .global: environment (.) - .name: name of the secret + - .annotations: annotations which should be used Example call: {{ include "common.secret._header" (dict "global" . "name" "myFancyName") }} @@ -39,6 +40,9 @@ metadata: chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }} release: {{ include "common.release" $global }} heritage: {{ $global.Release.Service }} +{{- if .annotations }} + annotations: {{- include "common.tplValue" (dict "value" .annotations "context" $global) | nindent 4 }} +{{- end }} type: Opaque {{- end -}} @@ -76,8 +80,6 @@ type: Opaque {{/* - For internal use only! - Generate a secret name based on provided name or UID. If UID is provided then the name is generated by appending this UID right after the chart name. If name is provided, it overrides the name generation algorith @@ -90,11 +92,12 @@ type: Opaque - .name: string that can be used to override default name generation algorithm and provide a custom name for the secret */}} -{{- define "common.secret._genName" -}} +{{- define "common.secret.genName" -}} {{- $global := .global }} {{- $uid := tpl (default "" .uid) $global }} {{- $name := tpl (default "" .name) $global }} - {{- default (printf "%s-%s" (include "common.fullname" $global) $uid) $name }} + {{- $fullname := ne (default "" .chartName) "" | ternary (include "common.fullnameExplicit" (dict "dot" $global "chartName" .chartName)) (include "common.fullname" $global) }} + {{- default (printf "%s-%s" $fullname $uid) $name }} {{- end -}} {{/* @@ -115,10 +118,14 @@ type: Opaque */}} {{- define "common.secret.getSecretName" -}} {{- $global := .global }} - {{- $targetName := include "common.secret._genName" (dict "global" $global "uid" .uid "name" .name) }} + {{- $name := tpl (default "" .name) $global }} + {{- $uid := tpl (default "" .uid) $global }} + {{- $targetName := default (include "common.secret.genName" (dict "global" $global "uid" $uid "name" .name)) $name}} {{- range $secret := $global.Values.secrets }} - {{- $currName := include "common.secret._genName" (dict "global" $global "uid" $secret.uid "name" $secret.name) }} - {{- if eq $currName $targetName }} + {{- $givenName := tpl (default "" $secret.name) $global }} + {{- $currUID := tpl (default "" $secret.uid) $global }} + {{- $currName := default (include "common.secret.genName" (dict "global" $global "uid" $currUID "name" $secret.name)) $givenName }} + {{- if or (eq $uid $currUID) (eq $currName $targetName) }} {{- $externalSecret := tpl (default "" $secret.externalSecret) $global }} {{- default $currName $externalSecret }} {{- end }} @@ -201,6 +208,8 @@ valueFrom: - name: Overrides default secret name generation and allows to set immutable and globaly unique name + - annotations: + List of annotations to be used while defining a secret To allow sharing a secret between the components and allow to pre-deploy secrets before ONAP deployment it is possible to use already existing secret instead of @@ -234,12 +243,14 @@ valueFrom: {{- define "common.secret" -}} {{- $global := . }} {{- range $secret := .Values.secrets }} - {{- $name := include "common.secret._genName" (dict "global" $global "uid" $secret.uid "name" $secret.name) }} + {{- $uid := tpl (default "" $secret.uid) $global }} + {{- $name := include "common.secret.genName" (dict "global" $global "uid" $uid "name" $secret.name) }} + {{- $annotations := default "" $secret.annotations }} {{- $type := default "generic" $secret.type }} {{- $externalSecret := tpl (default "" $secret.externalSecret) $global }} {{- if not $externalSecret }} --- - {{ include "common.secret._header" (dict "global" $global "name" $name) }} + {{ include "common.secret._header" (dict "global" $global "name" $name "annotations" $annotations) }} {{- if eq $type "generic" }} data: