trigger.dev/hosting/k8s/helm/templates/secrets.yaml at ad33a8f6dedc4ce1e62edf8f2d6855e54bfbf21a · triggerdotdev/trigger.dev · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
{{- if and .Values.secrets.enabled (not .Values.secrets.existingSecret) }}
apiVersion: v1
kind: Secret
metadata:
  name: {{ include "trigger-v4.fullname" . }}-secrets
  labels:
    {{- include "trigger-v4.labels" . | nindent 4 }}
type: Opaque
data:
  SESSION_SECRET: {{ .Values.secrets.sessionSecret | b64enc | quote }}
  MAGIC_LINK_SECRET: {{ .Values.secrets.magicLinkSecret | b64enc | quote }}
  ENCRYPTION_KEY: {{ .Values.secrets.encryptionKey | b64enc | quote }}
  MANAGED_WORKER_SECRET: {{ .Values.secrets.managedWorkerSecret | b64enc | quote }}
  {{- if and .Values.s3.external.accessKeyId (not .Values.s3.external.existingSecret) }}
  s3-access-key-id: {{ .Values.s3.external.accessKeyId | b64enc | quote }}
  s3-secret-access-key: {{ .Values.s3.external.secretAccessKey | b64enc | quote }}
  {{- end }}
  {{- if and .Values.s3.deploy (not .Values.s3.auth.existingSecret) }}
  s3-auth-access-key-id: {{ include "trigger-v4.s3.auth.effectiveAccessKeyId" . | b64enc | quote }}
  s3-auth-secret-access-key: {{ include "trigger-v4.s3.auth.effectiveSecretAccessKey" . | b64enc | quote }}
  {{- end }}
  {{- if and .Values.postgres.external.databaseUrl (not .Values.postgres.external.existingSecret) }}
  postgres-database-url: {{ .Values.postgres.external.databaseUrl | b64enc | quote }}
  {{- if .Values.postgres.external.directUrl }}
  postgres-direct-url: {{ .Values.postgres.external.directUrl | b64enc | quote }}
  {{- else }}
  postgres-direct-url: {{ .Values.postgres.external.databaseUrl | b64enc | quote }}
  {{- end }}
  {{- end }}
  {{- if and .Values.redis.external.host (not .Values.redis.external.existingSecret) .Values.redis.external.password }}
  redis-password: {{ .Values.redis.external.password | b64enc | quote }}
  {{- end }}
  {{- if and .Values.clickhouse.external.host (not .Values.clickhouse.external.existingSecret) .Values.clickhouse.external.password }}
  clickhouse-password: {{ .Values.clickhouse.external.password | b64enc | quote }}
  {{- end }}
{{- end }}
---
{{- if and .Values.registry.deploy .Values.registry.auth.enabled }}
apiVersion: v1
kind: Secret
metadata:
  name: {{ include "trigger-v4.fullname" . }}-registry-auth
  labels:
    {{- include "trigger-v4.labels" . | nindent 4 }}
type: Opaque
data:
  htpasswd: {{ htpasswd .Values.registry.auth.username .Values.registry.auth.password | trim | b64enc | quote }}
---
apiVersion: v1
kind: Secret
metadata:
  name: {{ include "trigger-v4.fullname" . }}-registry-secret
  labels:
    {{- include "trigger-v4.labels" . | nindent 4 }}
type: kubernetes.io/dockerconfigjson
data:
  .dockerconfigjson: {{ include "trigger-v4.imagePullSecret" . | b64enc }}
{{- else if and (not .Values.registry.deploy) .Values.registry.external.auth.enabled }}
apiVersion: v1
kind: Secret
metadata:
  name: {{ include "trigger-v4.fullname" . }}-registry-secret
  labels:
    {{- include "trigger-v4.labels" . | nindent 4 }}
type: kubernetes.io/dockerconfigjson
data:
  .dockerconfigjson: {{ include "trigger-v4.imagePullSecret" . | b64enc }}
{{- end }}