diff --git a/.editorconfig b/.editorconfig index 64b83610..87df78a8 100644 --- a/.editorconfig +++ b/.editorconfig @@ -5,5 +5,5 @@ charset = utf-8 insert_final_newline = true end_of_line = lf -[*.yml] +[*.{yml,yaml}] indent_style = space diff --git a/infra/k8s/helm/templates/jetdisc/configMap.yaml b/infra/k8s/helm/templates/jetdisc/configMap.yaml index 6bc3f554..7017f9f5 100644 --- a/infra/k8s/helm/templates/jetdisc/configMap.yaml +++ b/infra/k8s/helm/templates/jetdisc/configMap.yaml @@ -5,3 +5,4 @@ metadata: data: BOT_NAME: {{ .Values.configMap.botName | quote }} STORE_DRIVER: {{ .Values.configMap.storeDriver | quote }} + SET_COMMANDS_TARGET_SERVERS: {{ .Values.configMap.setCommandsTargetServers }} diff --git a/infra/k8s/helm/templates/jetdisc/deployment.yaml b/infra/k8s/helm/templates/jetdisc/deployment.yaml index a41be7ae..64273830 100644 --- a/infra/k8s/helm/templates/jetdisc/deployment.yaml +++ b/infra/k8s/helm/templates/jetdisc/deployment.yaml @@ -22,7 +22,7 @@ spec: imagePullPolicy: {{ .Values.image.pullPolicy }} envFrom: - secretRef: - name: jetdisc-secret + name: {{ .Values.externalSecrets.targetName }} - configMapRef: name: jetdisc-configmap resources: {{- toYaml .Values.resources | nindent 12 }} diff --git a/infra/k8s/helm/templates/jetdisc/externalsecret.yaml b/infra/k8s/helm/templates/jetdisc/externalsecret.yaml new file mode 100644 index 00000000..5c98891b --- /dev/null +++ b/infra/k8s/helm/templates/jetdisc/externalsecret.yaml @@ -0,0 +1,19 @@ +{{ if .Values.externalSecrets.enabled }} +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: jetdisc-external-secret +spec: + refreshInterval: {{ .Values.externalSecrets.refreshInterval }} + secretStoreRef: + kind: {{ .Values.externalSecrets.secretStoreRef.kind }} + name: {{ .Values.externalSecrets.secretStoreRef.name }} + namespace: {{ .Values.externalSecrets.secretStoreRef.namespace }} + target: + name: {{ .Values.externalSecrets.targetName }} + creationPolicy: {{ .Values.externalSecrets.creationPolicy }} + data: + - secretKey: DISCORD_APP_TOKEN + remoteRef: + key: jetdisc_discord_app_token +{{ end }} diff --git a/infra/k8s/helm/templates/jetdisc/secret.yaml b/infra/k8s/helm/templates/jetdisc/secret.yaml deleted file mode 100644 index 48d54643..00000000 --- a/infra/k8s/helm/templates/jetdisc/secret.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: jetdisc-secret -type: Opaque -data: - DISCORD_APP_TOKEN: {{ .Values.secrets.discordAppToken | b64enc | quote }} - SET_COMMANDS_TARGET_SERVERS: {{ .Values.secrets.setCommandsTargetServers | b64enc }} diff --git a/infra/k8s/helm/values.yaml b/infra/k8s/helm/values.yaml index ea2b7292..17ac63b9 100644 --- a/infra/k8s/helm/values.yaml +++ b/infra/k8s/helm/values.yaml @@ -8,11 +8,11 @@ image: secrets: discordAppToken: "" - setCommandsTargetServers: "" configMap: botName: "" storeDriver: "local" + setCommandsTargetServers: "" resources: limits: @@ -21,3 +21,12 @@ resources: requests: cpu: 250m memory: 128Mi + +externalSecrets: + enabled: true + secretStoreRef: + kind: ClusterSecretStore + name: secretstore + targetName: jetdisc-secret + creationPolicy: Owner + refreshInterval: 1h