DevFW-CICD/garm-helm
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
garm-helm/charts/garm/templates/secrets.yaml

122 lines
4.3 KiB
YAML
Raw Blame History

apiVersion: v1
kind: Secret
metadata:
name: {{ include "garm.fullname" . }}-credentials
namespace: {{ .Release.Namespace }}
annotations:
"helm.sh/hook": pre-install,pre-upgrade
"helm.sh/hook-weight": "-5"
stringData:
GITEA_TOKEN: {{ include "garm.giteaToken" . | quote }}
GARM_ADMIN_USERNAME: {{ .Values.credentials.admin.username | quote }}
GARM_ADMIN_PASSWORD: {{ include "garm.adminPassword" . | quote }}
GARM_ADMIN_EMAIL: {{ .Values.credentials.admin.email | quote }}
GARM_URL: {{ printf "https://%s" (index .Values.ingress.hosts 0).host | quote }}
GIT_URL: {{ .Values.credentials.gitea.url | quote }}
---
{{- $secretName := printf "%s%s" (include "garm.fullname" .) "-db-credentials" -}}
{{- $secretExists := lookup "v1" "Secret" .Release.Namespace $secretName -}}
{{- if not $secretExists -}}
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
namespace: {{ .Release.Namespace }}
annotations:
"helm.sh/hook": pre-install,pre-upgrade
"helm.sh/hook-weight": "-5"
stringData:
passphrase: {{- include "garm.randomString" . -}}
{{- end -}}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "garm.fullname" . }}-config
namespace: {{ .Release.Namespace }}
annotations:
"helm.sh/hook": pre-install,pre-upgrade
"helm.sh/hook-weight": "-5"
stringData:
config.toml: |
[default]
enable_webhook_management = true
[logging]
enable_log_streamer = {{ .Values.garm.logging.enableLogStreamer }}
log_format = "{{ .Values.garm.logging.logFormat }}"
log_level = "{{ .Values.garm.logging.logLevel }}"
log_source = {{ .Values.garm.logging.logSource }}
[metrics]
enable = {{ .Values.garm.metrics.enable }}
disable_auth = {{ .Values.garm.metrics.disableAuth }}
[jwt_auth]
secret = "{{ include "garm.jwtSecret" . }}"
time_to_live = "{{ .Values.garm.jwtAuth.timeToLive }}"
[apiserver]
bind = "{{ .Values.garm.apiserver.bind }}"
port = {{ .Values.garm.apiserver.port }}
use_tls = {{ .Values.garm.apiserver.useTls }}
[apiserver.webui]
enable = {{ .Values.garm.apiserver.webui.enable }}
[database]
backend = "{{ .Values.garm.database.backend }}"
passphrase = "{{ include "garm.dbPassphrase" . }}"
[database.sqlite3]
db_file = "{{ .Values.garm.database.sqlite3.dbFile }}"
{{- range .Values.garm.provider }}
[[provider]]
name = "{{ .name }}"
description = "{{ .description }}"
provider_type = "{{ .providerType }}"
[provider.external]
config_file = "{{ .external.configFile }}"
provider_executable = "{{ .external.providerExecutable }}"
environment_variables = {{ .external.environmentVariables | toJson }}
{{- end }}
k8s-provider-config.toml: |
kubeConfigPath: "" # path to a kubernetes config file - if empty the in cluster config will be used
runnerNamespace: {{ .Values.providerConfig.k8s.runnerNamespace | quote }}
podTemplate: # pod template to use for the runner pods / helpful to add sidecar containers
spec:
volumes:
- name: my-additional-volume
emptyDir: {}
flavors:
{{- toYaml .Values.providerConfig.k8s.flavors | nindent 6 }}
edge-connect-provider-config.toml: |
log_file = "/garm/provider.log"
credentials_file = "/etc/garm-creds/creds.toml"
[edge_connect]
organization = {{ .Values.providerConfig.edgeConnect.organization | quote }}
region = {{ .Values.providerConfig.edgeConnect.region | quote }}
url = {{ .Values.providerConfig.edgeConnect.edgeConnectUrl | quote }}
default_flavor = {{ .Values.providerConfig.edgeConnect.defaultFlavor | quote }}
[edge_connect.cloudlet]
name = {{ .Values.providerConfig.edgeConnect.cloudlet.name | quote }}
organization = {{ .Values.providerConfig.edgeConnect.cloudlet.organization | quote }}
{{- if not .Values.credentials.edgeConnect.existingSecretName }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "garm.fullname" . }}-edge-connect-creds
namespace: {{ .Release.Namespace }}
annotations:
"helm.sh/hook": pre-install,pre-upgrade
"helm.sh/hook-weight": "-5"
stringData:
creds.toml: |
username = "{{ required "Edge Connect username is required" .Values.credentials.edgeConnect.username }}"
password = "{{ required "Edge Connect password is required" .Values.credentials.edgeConnect.password }}"
{{- end }}
Reference in a new issue View git blame Copy permalink