oncall-engine/helm/oncall/templates/secrets.yaml

{{- if not .Values.oncall.secrets.existingSecret }}
apiVersion: v1
kind: Secret
metadata:
  name: {{ include "oncall.fullname" . }}
  labels:
    {{- include "oncall.labels" . | nindent 4 }}
type: Opaque
data:
  {{ template "snippet.oncall.secret.secretKey" . }}: {{ randAlphaNum 40 | b64enc | quote }}
  {{ template "snippet.oncall.secret.mirageSecretKey" . }}: {{ randAlphaNum 40 | b64enc | quote }}
{{- end }}
---
{{ if and (not .Values.mariadb.enabled) (eq .Values.database.type "mysql") (not .Values.externalMysql.existingSecret) -}}
apiVersion: v1
kind: Secret
metadata:
  name: {{ include "oncall.fullname" . }}-mysql-external
type: Opaque
data:
  mariadb-root-password: {{ required "externalMysql.password is required if not mariadb.enabled and not externalMysql.existingSecret" .Values.externalMysql.password | b64enc | quote }}
{{- end }}
---
{{ if and (eq .Values.broker.type "rabbitmq") (not .Values.rabbitmq.enabled) (not .Values.externalRabbitmq.existingSecret) -}}
apiVersion: v1
kind: Secret
metadata:
  name: {{ include "oncall.fullname" . }}-rabbitmq-external
type: Opaque
data:
  rabbitmq-password: {{ required "externalRabbitmq.password is required if not rabbitmq.enabled and not externalRabbitmq.existingSecret" .Values.externalRabbitmq.password | b64enc | quote }}
{{- end }}
---
{{ if and (not .Values.redis.enabled) (not .Values.externalRedis.existingSecret) -}}
apiVersion: v1
kind: Secret
metadata:
  name: {{ include "oncall.fullname" . }}-redis-external
type: Opaque
data:
  redis-password: {{ required "externalRedis.password is required if not redis.enabled and not externalRedis.existingSecret" .Values.externalRedis.password | b64enc | quote }}
{{- end }}
---
{{ if and .Values.oncall.smtp.enabled .Values.oncall.smtp.password -}}
apiVersion: v1
kind: Secret
metadata:
  name: {{ include "oncall.fullname" . }}-smtp
type: Opaque
data:
  smtp-password: {{ .Values.oncall.smtp.password | b64enc | quote }}
{{- end }}
---
{{ if and .Values.oncall.exporter.enabled .Values.oncall.exporter.authToken -}}
apiVersion: v1
kind: Secret
metadata:
  name: {{ include "oncall.fullname" . }}-exporter
type: Opaque
data:
  exporter-secret: {{ .Values.oncall.exporter.authToken | b64enc | quote }}
{{- end }}
---
{{ if and (not .Values.postgresql.enabled) (eq .Values.database.type "postgresql") (not .Values.externalPostgresql.existingSecret) -}}
apiVersion: v1
kind: Secret
metadata:
  name: {{ include "oncall.fullname" . }}-postgresql-external
type: Opaque
data:
  postgres-password: {{ required "externalPostgresql.password is required if not postgresql.enabled and not externalPostgresql.existingSecret" .Values.externalPostgresql.password | b64enc | quote }}
{{- end }}