Add option to manage secrets outside of helm

So that a user can manage the nodepool config file (which is a secret) outside of helm, add an option where the user can specify the name of that secret as a value, and if it's set, helm will not write the secret and will tell k8s to mount that secret as the nodepool config instead. Change-Id: Ifa1b5e81b6c7700faef82f3b18aab157d042e735
2020-01-10 13:49:33 -08:00 · 2020-01-10 13:49:33 -08:00 · 9afaed4d37
commit 9afaed4d37
parent 77ddeb499f
3 changed files with 5 additions and 3 deletions
--- a/charts/nodepool/templates/builder/statefulset.yaml
+++ b/charts/nodepool/templates/builder/statefulset.yaml
@ -40,7 +40,7 @@ spec:
      volumes:
      - name: nodepool-config
        secret:
-          secretName: {{ include "nodepool.fullname" . }}
+          secretName: {{ (empty .Values.config.secret) | ternary (include "nodepool.fullname" .) .Values.config.secret  }}
      - name: nodepool-logs
        emptyDir: {}
      - name: dev
--- a/charts/nodepool/templates/launcher/deployment.yaml
+++ b/charts/nodepool/templates/launcher/deployment.yaml
@ -31,7 +31,7 @@ spec:
      volumes:
      - name: nodepool-config
        secret:
-          secretName: {{ include "nodepool.fullname" . }}
+          secretName: {{ (empty .Values.config.secret) | ternary (include "nodepool.fullname" .) .Values.config.secret  }}
    {{- with .Values.tolerations }}
      tolerations:
 {{ toYaml . | indent 8 }}
--- a/charts/nodepool/templates/secret.yaml
+++ b/charts/nodepool/templates/secret.yaml
@ -1,4 +1,5 @@
 ---
+{{ if not .Values.config.secret }}
 apiVersion: v1
 kind: Secret
 metadata:
@ -11,4 +12,5 @@ stringData:
 {{ toYaml .Values.config | indent 4 }}
  clouds.yaml: |
    clouds:
-{{ toYaml .Values.clouds | indent 6 }}
+{{ toYaml .Values.clouds | indent 6 }}
+{{ end }}