helm secrets

- add docker registry config - update values.yaml with values from 03-keystore.yaml - add 03-keystore.yaml - add docker registry config - update values.yaml with values from 02-json-web-token.yaml - add 02-json-web-token.yaml - add docker registry config - update values.yaml with values from 01-docker-registry.yaml - add 01-docker-registry.yaml - update kube/01-initialize/02-registry-secret.yaml - extract docker registry /doc/k8s-testing.md to doc/k8s-docker-registry.md - add values.yaml - add Chart.yaml - add helmfile.yaml
2025-07-26 14:34:44 +02:00
parent 8ead30676a
commit cecdb1a627
9 changed files with 121 additions and 39 deletions
--- a/helm/charts/01-secrets/Chart.yaml
+++ b/helm/charts/01-secrets/Chart.yaml
@@ -0,0 +1,5 @@
+# Chart.yaml
+apiVersion: v2
+name: hlaeja-secret
+description: A Helm chart for the hlaeja docker register, jwt, and keystore
+version: 0.1.0
--- a/helm/charts/01-secrets/templates/01-docker-registry.yaml
+++ b/helm/charts/01-secrets/templates/01-docker-registry.yaml
@@ -0,0 +1,13 @@
+{{- range .Values.secrets.dockerRegistry }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ .name }}
+  namespace: {{ $.Values.namespace }}
+  labels:
+    environment: {{ $.Values.environment }}
+type: kubernetes.io/dockerconfigjson
+data:
+  .dockerconfigjson: {{ .dockerRegistryConfigJson | quote }}
+---
+{{- end }}
--- a/helm/charts/01-secrets/templates/02-json-web-token.yaml
+++ b/helm/charts/01-secrets/templates/02-json-web-token.yaml
@@ -0,0 +1,15 @@
+{{- range .Values.secrets.jwt }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ .name }}
+  namespace: {{ $.Values.namespace }}
+  labels:
+    app: {{ .app }}
+    environment: {{ $.Values.environment }}
+    tier: {{ .tier }}
+type: Opaque
+data:
+  {{ .jwtFilename }}: {{ .jwtFile | quote }}
+---
+{{- end }}
--- a/helm/charts/01-secrets/templates/03-keystore.yaml
+++ b/helm/charts/01-secrets/templates/03-keystore.yaml
@@ -0,0 +1,16 @@
+{{- range .Values.secrets.keystore }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ .name }}
+  namespace: {{ $.Values.namespace }}
+  labels:
+    app: {{ .app }}
+    environment: {{ $.Values.environment }}
+    tier: {{ .tier }}
+type: Opaque
+data:
+  keystore.p12: {{ .keystoreFile | quote }}
+  keystore-password: {{ .keystorePassword | b64enc | quote }}
+---
+{{- end }}
--- a/helm/charts/01-secrets/values.yaml
+++ b/helm/charts/01-secrets/values.yaml
@@ -0,0 +1,26 @@
+namespace: hlaeja-testing
+environment: testing
+
+secrets:
+
+  # Look at /doc/k8s-docker-registry.md to make these values
+  dockerRegistry:
+#    - name: dockerRegistry
+#      dockerRegistryConfigJson: DockerRegistryBase64==
+
+  # Look at /doc/rsa_key.md to make these values (we use rsa so and need a public and privet key)
+  jwt:
+#    - name: jwt-key
+#      app: jwt-service
+#      tier: backend
+#      jwtFilename: jwt_key.pem
+#      jwtFile: JwtKeyFileBase64==
+
+  # Look at /doc/keystore.md to make these values
+  keystore:
+#    - name: keystore-service
+#      app: account-register
+#      tier: backend
+#      keystoreFile: ServiceKeystoreFileBase64==
+#      keystorePassword: ServiceKeystorePassword
+