28 lines
848 B
YAML
28 lines
848 B
YAML
{{- if and .Values.orchard.database.secretsManager .Values.orchard.database.secretsManager.enabled }}
|
|
apiVersion: secrets-store.csi.x-k8s.io/v1
|
|
kind: SecretProviderClass
|
|
metadata:
|
|
name: {{ include "orchard.fullname" . }}-db-secret
|
|
labels:
|
|
{{- include "orchard.labels" . | nindent 4 }}
|
|
spec:
|
|
provider: aws
|
|
parameters:
|
|
objects: |
|
|
- objectName: "{{ .Values.orchard.database.secretsManager.secretArn }}"
|
|
objectType: "secretsmanager"
|
|
jmesPath:
|
|
- path: username
|
|
objectAlias: db-username
|
|
- path: password
|
|
objectAlias: db-password
|
|
secretObjects:
|
|
- secretName: {{ include "orchard.fullname" . }}-db-credentials
|
|
type: Opaque
|
|
data:
|
|
- objectName: db-username
|
|
key: username
|
|
- objectName: db-password
|
|
key: password
|
|
{{- end }}
|