Home Explore Help
Sign In
logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Documentation: callout templating escapes for helm users (#2704)

* callout templating escapes for helm users

Signed-off-by: rteeling <rteeling@users.noreply.github.com>

* quote the snippet file

Signed-off-by: rteeling <rteeling@users.noreply.github.com>

---------

Signed-off-by: rteeling <rteeling@users.noreply.github.com>
Co-authored-by: rteeling <rteeling@users.noreply.github.com>
rteeling 2 years ago
parent
c757319a09
commit
ddae00dd6d
3 changed files with 29 additions and 1 deletions
Split View Show Diff Stats
  1. 9 0
      docs/guides/templating.md
  2. 19 0
      docs/snippets/helm-template-v2-escape-sequence.yaml
  3. 1 1
      docs/snippets/multikey-template-v2-external-secret.yaml

+ 9 - 0
docs/guides/templating.md
View File 

@@ -2,6 +2,15 @@
 
 
 With External Secrets Operator you can transform the data from the external secret provider before it is stored as `Kind=Secret`. You can do this with the `Spec.Target.Template`. Each data value is interpreted as a [golang template](https://golang.org/pkg/text/template/).
 
 
+
 
+## Helm
 
+
 
+When installing ExternalSecrets via `helm`, the template must be escaped so that `helm` will not try to render it. The most straightforward way to accomplish this would be to use backticks ([raw string constants](https://pkg.go.dev/text/template#hdr-Examples)):
 
+
 
+```yaml
 
+{% include 'helm-template-v2-escape-sequence.yaml' %}
 
+```
 
+
 
 ## Examples
 
 
 You can use templates to inject your secrets into a configuration file that you mount into your pod:

+ 19 - 0
docs/snippets/helm-template-v2-escape-sequence.yaml
View File 

@@ -0,0 +1,19 @@
 
+{% raw %}
 
+apiVersion: external-secrets.io/v1beta1
 
+kind: ExternalSecret
 
+metadata:
 
+  name: template
 
+spec:
 
+  # ...
 
+  target:
 
+    template:
 
+      engineVersion: v2
 
+      data:
 
+        name: admin
 
+        # password: "{{ .mysecret }}"               # If you are using plain manifests or gitops tools
 
+        password: "{{ `{{ .mysecret }}` }}"         # If you are using helm
 
+  data:
 
+  - secretKey: mysecret
 
+    remoteRef:
 
+      key: /credentials
 
+{% endraw %}

+ 1 - 1
docs/snippets/multikey-template-v2-external-secret.yaml
View File 

@@ -11,7 +11,7 @@ spec:
 
       data:
 
         name: admin
 
         password: "{{ .mysecret }}"                   # If you are using plain manifests or gitops tools
 
-        # password: '{{ printf "{{ .mysecret }}" }}'  # If you are using templated tools like helm
 
+        # password: "{{ `{{ .mysecret }}` }}"         # If you are using templated tools like helm
 
   data:
 
   - secretKey: mysecret
 
     remoteRef: