Skip to content

validatedpatterns/golang-external-secrets-chart

BranchesTags

Repository files navigation

golang-external-secrets

Version: 0.1.2

A Helm chart to configure the golang-based external-secrets.

This chart is used by the Validated Patterns to set up the external secrets

Homepage: https://github.com/validatedpatterns/golang-external-secrets-chart

Maintainers

Name Email Url
Validated Patterns Team [email protected]

Requirements

Repository Name Version
https://charts.external-secrets.io external-secrets 0.10.0

Values

Key Type Default Description
clusterGroup.isHubCluster bool true The variable that defines when a cluster is the HUB
external-secrets object depends on the individual settings A few settings containing which images are being used
external-secrets.certController.image.tag string "v0.10.0-ubi" Tag for the ESO certController image
external-secrets.image.tag string "v0.10.0-ubi" Tag for the ESO main image
external-secrets.webhook.image.tag string "v0.10.0-ubi" Tag for the ESO webhook image
global object depends on the individual settings The global namespace containes some globally used variables used in patterns
global.clusterDomain string "foo.example.com" The DNS entry for the cluster the chart is being rendered on
global.hubClusterDomain string "hub.example.com" The DNS entry for the hub cluster
global.secretStore.backend string "vault" The backend of ESO being used in the pattern
golangExternalSecrets object depends on the individual settings Dictionary of all the settings to configure this chart
golangExternalSecrets.caProvider object depends on the individual settings This controls how ESO connects to vault and it allows to specify where the public key of the CA that signed the API endpoint to talke to the vault
golangExternalSecrets.caProvider.clientCluster object depends on the individual settings Where to fetch the CA that signed the vault API endpoint when on a spoke cluster
golangExternalSecrets.caProvider.clientCluster.key string "hub-kube-root-ca.crt" Key of object where the CA is stored
golangExternalSecrets.caProvider.clientCluster.name string "hub-ca" Name of object where the CA is stored
golangExternalSecrets.caProvider.clientCluster.namespace string "golang-external-secrets" Namespace of object where the CA is stored
golangExternalSecrets.caProvider.clientCluster.type string "Secret" Type of object where the CA is stored
golangExternalSecrets.caProvider.enabled bool true When set to true this uses a custom CA to talk to vault
golangExternalSecrets.caProvider.hostCluster object depends on the individual settings Where to fetch the CA that signed the vault API endpoint when on the hub cluster
golangExternalSecrets.caProvider.hostCluster.key string "ca.crt" Key of object where the CA is stored
golangExternalSecrets.caProvider.hostCluster.name string "kube-root-ca.crt" Name of object where the CA is stored
golangExternalSecrets.caProvider.hostCluster.namespace string "golang-external-secrets" Namespace of object where the CA is stored
golangExternalSecrets.caProvider.hostCluster.type string "ConfigMap" Type of object where the CA is stored
golangExternalSecrets.kubernetes object depends on the individual settings Settings relevant when using the kubernetes backend
golangExternalSecrets.kubernetes.remoteNamespace string "validated-patterns-secrets" The remote namespace used in the ClusterSecretStore
golangExternalSecrets.kubernetes.server.url string "https://kubernetes.default" The URL used in the ClusterSecretStore
golangExternalSecrets.rbac.rolename string "hub-role" The name of the vault role when connecting to the vault from the hub
golangExternalSecrets.vault object depends on the individual settings Some vault configuration entries
golangExternalSecrets.vault.mountPath string "hub" The vault secrets' path when connecting to it from the hub

Autogenerated from chart metadata using helm-docs v1.14.2

Subchart Update

When updating this sub-chart, please remember to tweak the image tag in values.yaml. That is because we want to use -ubi images if possible and there is no suffix option, so we just override the tag with the version + "-ubi"

Steps

  1. Edit the version in Chart.yaml
  2. Run helm dependency update .
  3. Run ./update-helm-dependency.sh
  4. Tweak values.yaml with the new image versions
  5. Run make test
  6. Commit to Git

About

No description or website provided.

Topics

helm-chart

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

8 tags

Packages

No packages published

Contributors 2

  •  
  •  

Languages