Skip to content

Commit

Permalink
fix(secrets): add quotes for escaping
Browse files Browse the repository at this point in the history
  • Loading branch information
evegufy committed Sep 30, 2023
1 parent 0a0c990 commit 9e75b5b
Show file tree
Hide file tree
Showing 6 changed files with 10 additions and 10 deletions.
2 changes: 1 addition & 1 deletion charts/centralidp/templates/secret-centralidp.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ data:
# if secret exists, use value provided from values file (to cover update scenario) or existing value from secret
# use data map instead of stringData to prevent base64 encoding of already base64-encoded existing value from secret
# use index function for secret keys with hyphen otherwise '$secret.data.secretKey' works too
admin-password: {{ ( .Values.secrets.auth.existingSecret.adminpassword | b64enc | quote ) | default ( index $secret.data "admin-password" ) }}
admin-password: {{ ( .Values.secrets.auth.existingSecret.adminpassword | b64enc ) | default ( index $secret.data "admin-password" ) | quote }}
{{ else -}}
stringData:
# if secret doesn't exist, use provided value from values file or generate a random one
Expand Down
2 changes: 1 addition & 1 deletion charts/centralidp/templates/secret-external-db.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ type: Opaque
data:
# if secret exists, use value provided from values file (to cover update scenario) or existing value from secret
# use data map instead of stringData to prevent base64 encoding of already base64-encoded existing value from secret
password: {{ ( .Values.keycloak.externalDatabase.password | b64enc | quote ) | default $secret.data.password }}
password: {{ ( .Values.keycloak.externalDatabase.password | b64enc ) | default $secret.data.password | quote }}
{{ else -}}
stringData:
# if secret doesn't exist, use provided value from values file or generate a random one
Expand Down
6 changes: 3 additions & 3 deletions charts/centralidp/templates/secret-postgres-init.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -31,9 +31,9 @@ data:
# if secret exists, use value provided from values file (to cover update scenario) or existing value from secret
# use data map instead of stringData to prevent base64 encoding of already base64-encoded existing value from secret
# use index function for secret keys with hyphen otherwise '$secret.data.secretKey' works too
postgres-password: {{ ( .Values.secrets.postgresql.auth.existingSecret.postgrespassword | b64enc | quote ) | default ( index $secret.data "postgres-password" ) }}
password: {{ ( .Values.secrets.postgresql.auth.existingSecret.password | b64enc | quote ) | default $secret.data.password }}
replication-password: {{ ( .Values.secrets.postgresql.auth.existingSecret.replicationPassword | b64enc | quote ) | default ( index $secret.data "replication-password" ) }}
postgres-password: {{ ( .Values.secrets.postgresql.auth.existingSecret.postgrespassword | b64enc ) | default ( index $secret.data "postgres-password" ) | quote }}
password: {{ ( .Values.secrets.postgresql.auth.existingSecret.password | b64enc ) | default $secret.data.password | quote }}
replication-password: {{ ( .Values.secrets.postgresql.auth.existingSecret.replicationPassword | b64enc ) | default ( index $secret.data "replication-password" ) | quote}}
{{ else -}}
stringData:
# if secret doesn't exist, use provided value from values file or generate a random one
Expand Down
2 changes: 1 addition & 1 deletion charts/sharedidp/templates/secret-external-db.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ type: Opaque
data:
# if secret exists, use value provided from values file (to cover update scenario) or existing value from secret
# use data map instead of stringData to prevent base64 encoding of already base64-encoded existing value from secret
password: {{ ( .Values.keycloak.externalDatabase.password | b64enc | quote ) | default $secret.data.password }}
password: {{ ( .Values.keycloak.externalDatabase.password | b64enc ) | default $secret.data.password | quote }}
{{ else -}}
stringData:
# if secret doesn't exist, use provided value from values file or generate a random one
Expand Down
6 changes: 3 additions & 3 deletions charts/sharedidp/templates/secret-postgres-init.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -31,9 +31,9 @@ data:
# if secret exists, use value provided from values file (to cover update scenario) or existing value from secret
# use data map instead of stringData to prevent base64 encoding of already base64-encoded existing value from secret
# use index function for secret keys with hyphen otherwise '$secret.data.secretKey' works too
postgres-password: {{ ( .Values.secrets.postgresql.auth.existingSecret.postgrespassword | b64enc | quote ) | default ( index $secret.data "postgres-password" ) }}
password: {{ ( .Values.secrets.postgresql.auth.existingSecret.password | b64enc | quote ) | default $secret.data.password }}
replication-password: {{ ( .Values.secrets.postgresql.auth.existingSecret.replicationPassword | b64enc | quote ) | default ( index $secret.data "replication-password" ) }}
postgres-password: {{ ( .Values.secrets.postgresql.auth.existingSecret.postgrespassword | b64enc ) | default ( index $secret.data "postgres-password" ) | quote }}
password: {{ ( .Values.secrets.postgresql.auth.existingSecret.password | b64enc ) | default $secret.data.password | quote }}
replication-password: {{ ( .Values.secrets.postgresql.auth.existingSecret.replicationPassword | b64enc ) | default ( index $secret.data "replication-password" ) | quote }}
{{ else -}}
stringData:
# if secret doesn't exist, use provided value from values file or generate a random one
Expand Down
2 changes: 1 addition & 1 deletion charts/sharedidp/templates/secret-sharedidp.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ data:
# if secret exists, use value provided from values file (to cover update scenario) or existing value from secret
# use data map instead of stringData to prevent base64 encoding of already base64-encoded existing value from secret
# use index function for secret keys with hyphen otherwise '$secret.data.secretKey' works too
admin-password: {{ ( .Values.secrets.auth.existingSecret.adminpassword | b64enc | quote ) | default ( index $secret.data "admin-password" ) }}
admin-password: {{ ( .Values.secrets.auth.existingSecret.adminpassword | b64enc ) | default ( index $secret.data "admin-password" ) | quote }}
{{ else -}}
stringData:
# if secret doesn't exist, use provided value from values file or generate a random one
Expand Down

0 comments on commit 9e75b5b

Please sign in to comment.