From 336cfaceebbcc120e700a15b8f124b06d9906c9d Mon Sep 17 00:00:00 2001
From: keval <keval@middleware.io>
Date: Tue, 17 Sep 2024 22:15:16 +0530
Subject: [PATCH] Allowing to read MW_API_KEY from a custom secret

---
 charts/mw-kube-agent-v2/Chart.yaml             |  2 +-
 charts/mw-kube-agent-v2/templates/cronjob.yaml |  8 ++++++++
 .../mw-kube-agent-v2/templates/daemonset.yaml  |  8 ++++++++
 .../mw-kube-agent-v2/templates/deployment.yaml |  8 ++++++++
 charts/mw-kube-agent-v2/templates/secret.yaml  | 18 +-----------------
 5 files changed, 26 insertions(+), 18 deletions(-)

diff --git a/charts/mw-kube-agent-v2/Chart.yaml b/charts/mw-kube-agent-v2/Chart.yaml
index 783936c..b2c05c5 100644
--- a/charts/mw-kube-agent-v2/Chart.yaml
+++ b/charts/mw-kube-agent-v2/Chart.yaml
@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 2.1.2
+version: 2.1.3
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
diff --git a/charts/mw-kube-agent-v2/templates/cronjob.yaml b/charts/mw-kube-agent-v2/templates/cronjob.yaml
index 917e4ff..47fe878 100644
--- a/charts/mw-kube-agent-v2/templates/cronjob.yaml
+++ b/charts/mw-kube-agent-v2/templates/cronjob.yaml
@@ -34,11 +34,19 @@ spec:
                   value: {{ .Values.clusterMetadata.name }}
                 - name: MW_NAMESPACE
                   value: {{ .Values.namespace.name }}
+                {{- if .Values.mw.apiKeyFromExistingSecret.enabled }}
+                - name: MW_API_KEY
+                  valueFrom:
+                    secretKeyRef:
+                      name: {{ .Values.mw.apiKeyFromExistingSecret.name }}
+                      key: {{ .Values.mw.apiKeyFromExistingSecret.key }}
+                {{- else }}
                 - name: MW_API_KEY
                   valueFrom:
                     secretKeyRef:
                       name: middleware-secret
                       key: api-key
+                {{- end }}
               securityContext:
                 privileged: true
           restartPolicy: OnFailure
diff --git a/charts/mw-kube-agent-v2/templates/daemonset.yaml b/charts/mw-kube-agent-v2/templates/daemonset.yaml
index abec8b9..cdcb93c 100644
--- a/charts/mw-kube-agent-v2/templates/daemonset.yaml
+++ b/charts/mw-kube-agent-v2/templates/daemonset.yaml
@@ -68,11 +68,19 @@ spec:
               value: {{ .Values.mw.selfProfiling | quote }}
             - name: MW_PROFILING_SERVER_URL
               value: {{ .Values.mw.profilingServerUrl | quote}}
+            {{- if .Values.mw.apiKeyFromExistingSecret.enabled }}
+            - name: MW_API_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.mw.apiKeyFromExistingSecret.name }}
+                  key: {{ .Values.mw.apiKeyFromExistingSecret.key }}
+            {{- else }}
             - name: MW_API_KEY
               valueFrom:
                 secretKeyRef:
                   name: middleware-secret
                   key: api-key
+            {{- end }}
           resources:
           {{- toYaml .Values.resources | nindent 12 }}
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
diff --git a/charts/mw-kube-agent-v2/templates/deployment.yaml b/charts/mw-kube-agent-v2/templates/deployment.yaml
index 723e18b..e26373b 100644
--- a/charts/mw-kube-agent-v2/templates/deployment.yaml
+++ b/charts/mw-kube-agent-v2/templates/deployment.yaml
@@ -55,11 +55,19 @@ spec:
               value: {{ .Values.mw.selfProfiling | quote }}
             - name: MW_PROFILING_SERVER_URL
               value: {{ .Values.mw.profilingServerUrl | quote }}
+            {{- if .Values.mw.apiKeyFromExistingSecret.enabled }}
+            - name: MW_API_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.mw.apiKeyFromExistingSecret.name }}
+                  key: {{ .Values.mw.apiKeyFromExistingSecret.key }}
+            {{- else }}
             - name: MW_API_KEY
               valueFrom:
                 secretKeyRef:
                   name: middleware-secret
                   key: api-key
+            {{- end }}
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
diff --git a/charts/mw-kube-agent-v2/templates/secret.yaml b/charts/mw-kube-agent-v2/templates/secret.yaml
index 937a60c..98b206c 100644
--- a/charts/mw-kube-agent-v2/templates/secret.yaml
+++ b/charts/mw-kube-agent-v2/templates/secret.yaml
@@ -8,20 +8,4 @@ metadata:
 type: Opaque
 
 data:
-  api-key: {{- if .Values.mw.apiKeyFromExistingSecret.enabled }}
-             {{- $secretName := $.Values.mw.apiKeyFromExistingSecret.name }}
-             {{- $secretKey := $.Values.mw.apiKeyFromExistingSecret.key }}
-             {{- $namespace := $.Values.namespace.name }}
-             {{- $secret := lookup "v1" "Secret" $namespace $secretName }}
-             {{- if $secret}}
-               {{- $apiKey := index $secret.data $secretKey }}
-               {{- if $apiKey }}
-                 {{ $apiKey }}
-               {{- else }}
-                 {{- fail "Could not read MW API Key from existing secret" }}
-               {{- end }}
-             {{- end }}
-             
-           {{- else }}
-             {{ .Values.mw.apiKey | toString | b64enc }}   
-           {{- end }}
+  api-key: {{ .Values.mw.apiKey | b64enc | quote }}