fix: explicitly configure secret store backend

Signed-off-by: Chris Butler <chris.butler@redhat.com>

Author: butler54

charts/coco-supported/sandbox/templates/ssh-key-eso.yaml

@@ -10,8 +10,8 @@ metadata:
 spec:
   refreshInterval: 15s
   secretStoreRef:
-    name: {{ .Values.secretStore.name }}
-    kind: {{ .Values.secretStore.kind }}
+    name: {{ .Values.global.secretStore.name }}
+    kind: {{ .Values.global.secretStore.kind }}
   target:
     name: ssh-key-secret
     template:

charts/hub/trustee/templates/dynamic-eso.yaml

@@ -11,8 +11,8 @@ metadata:
 spec:
   refreshInterval: 15s
   secretStoreRef:
-    name: {{ $.Values.secretStore.name }}
-    kind: {{ $.Values.secretStore.kind }}
+    name: {{ $.Values.global.secretStore.name }}
+    kind: {{ $.Values.global.secretStore.kind }}
   target:
     name: {{ .name }}
     template:

charts/hub/trustee/templates/kbs-operator-keys.yaml

@@ -10,8 +10,8 @@ metadata:
 spec:
   refreshInterval: 15s
   secretStoreRef:
-    name: {{ .Values.secretStore.name }}
-    kind: {{ .Values.secretStore.kind }}
+    name: {{ .Values.global.secretStore.name }}
+    kind: {{ .Values.global.secretStore.kind }}
   data:
   target:
     name: kbs-auth-public-key

charts/hub/trustee/templates/push-secret.yaml

@@ -9,8 +9,8 @@ spec:
   deletionPolicy: Delete # the provider' secret will be deleted if the PushSecret is deleted
   refreshInterval: 10s # Refresh interval for which push secret will reconcile
   secretStoreRefs: # A list of secret stores to push secrets to
-    - name: {{ .Values.secretStore.name }}
-      kind: {{ .Values.secretStore.kind }}
+    - name: {{ .Values.global.secretStore.name }}
+      kind: {{ .Values.global.secretStore.kind }}
   selector:
     secret:
       name: kbs-tls-self-signed # Source Kubernetes secret to be pushed

charts/hub/trustee/templates/securityPolicy-eso.yaml

@@ -10,8 +10,8 @@ metadata:
 spec:
   refreshInterval: 15s
   secretStoreRef:
-    name: {{ .Values.secretStore.name }}
-    kind: {{ .Values.secretStore.kind }}
+    name: {{ .Values.global.secretStore.name }}
+    kind: {{ .Values.global.secretStore.kind }}
   data:
   target:
     name: security-policy

charts/hub/trustee/templates/tls-cert-eso.yaml

@@ -10,8 +10,8 @@ metadata:
 spec:
   refreshInterval: 15s
   secretStoreRef:
-    name: {{ .Values.secretStore.name }}
-    kind: {{ .Values.secretStore.kind }}
+    name: {{ .Values.global.secretStore.name }}
+    kind: {{ .Values.global.secretStore.kind }}
   target:
     name: kbs-https-certificate
     template:

charts/hub/trustee/templates/tls-key-eso.yaml

@@ -10,8 +10,8 @@ metadata:
 spec:
   refreshInterval: 15s
   secretStoreRef:
-    name: {{ .Values.secretStore.name }}
-    kind: {{ .Values.secretStore.kind }}
+    name: {{ .Values.global.secretStore.name }}
+    kind: {{ .Values.global.secretStore.kind }}
   target:
     name: kbs-https-key
     template:

values-global.yaml

@@ -1,4 +1,9 @@
 global:
+  secretStore:
+    backend: vault # none, vault, kubernetes
+    name: vault-backend
+    kind: ClusterSecretStore
+
   pattern: coco-pattern
   options:
     useCSV: false
@@ -21,6 +26,3 @@ main:
     clusterGroupChartVersion: 0.9.*
 
 # Common secret store configuration used across multiple charts
-secretStore:
-  name: vault-backend
-  kind: ClusterSecretStore