Home Explore Help
Sign In
logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets
1
0
Fork 0
Files Issues 0 Wiki
Tree: 07dabc4b25
Branches Tags
helm-externa...
/
deploy
/
charts
/
external-secrets
/
templates
/
_helpers.tpl

_helpers.tpl 6.4 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201 
  1. {{/*
    2. 

  2. Expand the name of the chart.
    3. 

  3. */}}
    4. 

  4. {{- define "external-secrets.name" -}}
    5. 

  5. {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
    6. 

  6. {{- end }}
    7. 

  7. 

  8. {{/*
    9. 

  9. Create a default fully qualified app name.
    10. 

  10. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
    11. 

  11. If release name contains chart name it will be used as a full name.
    12. 

  12. */}}
    13. 

  13. {{- define "external-secrets.fullname" -}}
    14. 

  14. {{- if .Values.fullnameOverride }}
    15. 

  15. {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
    16. 

  16. {{- else }}
    17. 

  17. {{- $name := default .Chart.Name .Values.nameOverride }}
    18. 

  18. {{- if contains $name .Release.Name }}
    19. 

  19. {{- .Release.Name | trunc 63 | trimSuffix "-" }}
    20. 

  20. {{- else }}
    21. 

  21. {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
    22. 

  22. {{- end }}
    23. 

  23. {{- end }}
    24. 

  24. {{- end }}
    25. 

  25. 

  26. {{/*
    27. 

  27. Define namespace of chart, useful for multi-namespace deployments
    28. 

  28. */}}
    29. 

  29. {{- define "external-secrets.namespace" -}}
    30. 

  30. {{- if .Values.namespaceOverride }}
    31. 

  31. {{- .Values.namespaceOverride }}
    32. 

  32. {{- else }}
    33. 

  33. {{- .Release.Namespace }}
    34. 

  34. {{- end }}
    35. 

  35. {{- end }}
    36. 

  36. 

  37. {{/*
    38. 

  38. Create chart name and version as used by the chart label.
    39. 

  39. */}}
    40. 

  40. {{- define "external-secrets.chart" -}}
    41. 

  41. {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
    42. 

  42. {{- end }}
    43. 

  43. 

  44. {{/*
    45. 

  45. Common labels
    46. 

  46. */}}
    47. 

  47. {{- define "external-secrets.labels" -}}
    48. 

  48. helm.sh/chart: {{ include "external-secrets.chart" . }}
    49. 

  49. {{ include "external-secrets.selectorLabels" . }}
    50. 

  50. {{- if .Chart.AppVersion }}
    51. 

  51. app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
    52. 

  52. {{- end }}
    53. 

  53. app.kubernetes.io/managed-by: {{ .Release.Service }}
    54. 

  54. {{- with .Values.commonLabels }}
    55. 

  55. {{ toYaml . }}
    56. 

  56. {{- end }}
    57. 

  57. {{- end }}
    58. 

  58. 

  59. {{- define "external-secrets-webhook.labels" -}}
    60. 

  60. helm.sh/chart: {{ include "external-secrets.chart" . }}
    61. 

  61. {{ include "external-secrets-webhook.selectorLabels" . }}
    62. 

  62. {{- if .Chart.AppVersion }}
    63. 

  63. app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
    64. 

  64. {{- end }}
    65. 

  65. app.kubernetes.io/managed-by: {{ .Release.Service }}
    66. 

  66. {{- with .Values.commonLabels }}
    67. 

  67. {{ toYaml . }}
    68. 

  68. {{- end }}
    69. 

  69. {{- end }}
    70. 

  70. 

  71. {{- define "external-secrets-webhook-metrics.labels" -}}
    72. 

  72. {{ include "external-secrets-webhook.selectorLabels" . }}
    73. 

  73. app.kubernetes.io/metrics: "webhook"
    74. 

  74. {{- with .Values.commonLabels }}
    75. 

  75. {{ toYaml . }}
    76. 

  76. {{- end }}
    77. 

  77. {{- end }}
    78. 

  78. 

  79. {{- define "external-secrets-cert-controller.labels" -}}
    80. 

  80. helm.sh/chart: {{ include "external-secrets.chart" . }}
    81. 

  81. {{ include "external-secrets-cert-controller.selectorLabels" . }}
    82. 

  82. {{- if .Chart.AppVersion }}
    83. 

  83. app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
    84. 

  84. {{- end }}
    85. 

  85. app.kubernetes.io/managed-by: {{ .Release.Service }}
    86. 

  86. {{- with .Values.commonLabels }}
    87. 

  87. {{ toYaml . }}
    88. 

  88. {{- end }}
    89. 

  89. {{- end }}
    90. 

  90. 

  91. {{- define "external-secrets-cert-controller-metrics.labels" -}}
    92. 

  92. {{ include "external-secrets-cert-controller.selectorLabels" . }}
    93. 

  93. app.kubernetes.io/metrics: "cert-controller"
    94. 

  94. {{- with .Values.commonLabels }}
    95. 

  95. {{ toYaml . }}
    96. 

  96. {{- end }}
    97. 

  97. {{- end }}
    98. 

  98. 

  99. {{/*
    100. 

  100. Selector labels
    101. 

  101. */}}
    102. 

  102. {{- define "external-secrets.selectorLabels" -}}
    103. 

  103. app.kubernetes.io/name: {{ include "external-secrets.name" . }}
    104. 

  104. app.kubernetes.io/instance: {{ .Release.Name }}
    105. 

  105. {{- end }}
    106. 

  106. {{- define "external-secrets-webhook.selectorLabels" -}}
    107. 

  107. app.kubernetes.io/name: {{ include "external-secrets.name" . }}-webhook
    108. 

  108. app.kubernetes.io/instance: {{ .Release.Name }}
    109. 

  109. {{- end }}
    110. 

  110. {{- define "external-secrets-cert-controller.selectorLabels" -}}
    111. 

  111. app.kubernetes.io/name: {{ include "external-secrets.name" . }}-cert-controller
    112. 

  112. app.kubernetes.io/instance: {{ .Release.Name }}
    113. 

  113. {{- end }}
    114. 

  114. {{/*
    115. 

  115. Create the name of the service account to use
    116. 

  116. */}}
    117. 

  117. {{- define "external-secrets.serviceAccountName" -}}
    118. 

  118. {{- if .Values.serviceAccount.create }}
    119. 

  119. {{- default (include "external-secrets.fullname" .) .Values.serviceAccount.name }}
    120. 

  120. {{- else }}
    121. 

  121. {{- default "default" .Values.serviceAccount.name }}
    122. 

  122. {{- end }}
    123. 

  123. {{- end }}
    124. 

  124. 

  125. {{/*
    126. 

  126. Create the name of the service account to use
    127. 

  127. */}}
    128. 

  128. {{- define "external-secrets-webhook.serviceAccountName" -}}
    129. 

  129. {{- if .Values.webhook.serviceAccount.create }}
    130. 

  130. {{- default "external-secrets-webhook" .Values.webhook.serviceAccount.name }}
    131. 

  131. {{- else }}
    132. 

  132. {{- default "default" .Values.webhook.serviceAccount.name }}
    133. 

  133. {{- end }}
    134. 

  134. {{- end }}
    135. 

  135. 

  136. {{/*
    137. 

  137. Create the name of the service account to use
    138. 

  138. */}}
    139. 

  139. {{- define "external-secrets-cert-controller.serviceAccountName" -}}
    140. 

  140. {{- if .Values.certController.serviceAccount.create }}
    141. 

  141. {{- default "external-secrets-cert-controller" .Values.certController.serviceAccount.name }}
    142. 

  142. {{- else }}
    143. 

  143. {{- default "default" .Values.certController.serviceAccount.name }}
    144. 

  144. {{- end }}
    145. 

  145. {{- end }}
    146. 

  146. 

  147. {{/*
    148. 

  148. Determine the image to use, including if using a flavour.
    149. 

  149. */}}
    150. 

  150. {{- define "external-secrets.image" -}}
    151. 

  151. {{- if .image.flavour -}}
    152. 

  152. {{ printf "%s:%s-%s" .image.repository (.image.tag | default .chartAppVersion) .image.flavour }}
    153. 

  153. {{- else }}
    154. 

  154. {{ printf "%s:%s" .image.repository (.image.tag | default .chartAppVersion) }}
    155. 

  155. {{- end }}
    156. 

  156. {{- end }}
    157. 

  157. 

  158. <<<<<<< HEAD
    159. 

  159. 

  160. {{/*
    161. 

  161. Renders a complete tree, even values that contains template.
    162. 

  162. */}}
    163. 

  163. {{- define "external-secrets.render" -}}
    164. 

  164.   {{- if typeIs "string" .value }}
    165. 

  165.     {{- tpl .value .context }}
    166. 

  166.   {{ else }}
    167. 

  167.     {{- tpl (.value | toYaml) .context }}
    168. 

  168.   {{- end }}
    169. 

  169. {{- end -}}
    170. 

  170. =======
    171. 

  171. {{/* 
    172. 

  172. Return true if the OpenShift is the detected platform
    173. 

  173. Usage:
    174. 

  174. {{- include "external-secrets.isOpenShift" . -}}
    175. 

  175. */}}
    176. 

  176. {{- define "external-secrets.isOpenShift" -}}
    177. 

  177. {{- if .Capabilities.APIVersions.Has "security.openshift.io/v1" -}}
    178. 

  178. {{- true -}}
    179. 

  179. {{- end -}}
    180. 

  180. {{- end -}}
    181. 

  181. 

  182. {{/*
    183. 

  183. Render the securityContext based on the provided securityContext
    184. 

  184.   {{- include "external-secrets.renderSecurityContext" (dict "securityContext" .Values.securityContext "context" $) -}}
    185. 

  185. */}}
    186. 

  186. {{- define "external-secrets.renderSecurityContext" -}}
    187. 

  187. {{- $adaptedContext := .securityContext -}}
    188. 

  188. {{- if .context.Values.global.compatibility -}}
    189. 

  189.   {{- if .context.Values.global.compatibility.openshift -}}
    190. 

  190.     {{- if or (eq .context.Values.global.compatibility.openshift.adaptSecurityContext "force") (and (eq .context.Values.global.compatibility.openshift.adaptSecurityContext "auto") (include "external-secrets.isOpenShift" .context)) -}}
    191. 

  191.       {{/* Remove OpenShift managed fields */}}
    192. 

  192.       {{- $adaptedContext = omit $adaptedContext "fsGroup" "runAsUser" "runAsGroup" -}}
    193. 

  193.       {{- if not .securityContext.seLinuxOptions -}}
    194. 

  194.         {{- $adaptedContext = omit $adaptedContext "seLinuxOptions" -}}
    195. 

  195.       {{- end -}}
    196. 

  196.     {{- end -}}
    197. 

  197.   {{- end -}}
    198. 

  198. {{- end -}}
    199. 

  199. {{- omit $adaptedContext "enabled" | toYaml -}}
    200. 

  200. {{- end -}}
    201. 

  201. >>>>>>> 2218c78b (Methods for managing securityContext and OpenShift support)
    202.