From 9800500dd8a4dc3f9fb121763b699f437324e080 Mon Sep 17 00:00:00 2001 From: EliseCastle23 Date: Mon, 11 Mar 2024 13:44:49 -0600 Subject: [PATCH 1/2] Refining the configuration to enable External Secrets with precision and granularity. --- helm/fence/Chart.yaml | 2 +- helm/fence/README.md | 2 +- helm/fence/templates/fence-config.yaml | 2 +- helm/fence/templates/fence-secret.yaml | 2 +- helm/fence/templates/jwt-keys.yaml | 2 +- helm/gen3/Chart.yaml | 6 +++--- helm/gen3/README.md | 6 +++--- helm/indexd/Chart.yaml | 2 +- helm/indexd/README.md | 2 +- helm/indexd/templates/indexd-secret.yaml | 2 +- 10 files changed, 14 insertions(+), 14 deletions(-) diff --git a/helm/fence/Chart.yaml b/helm/fence/Chart.yaml index ed6d1d7e..4336627d 100644 --- a/helm/fence/Chart.yaml +++ b/helm/fence/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.15 +version: 0.1.16 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/helm/fence/README.md b/helm/fence/README.md index 7179e211..1fa81050 100644 --- a/helm/fence/README.md +++ b/helm/fence/README.md @@ -1,6 +1,6 @@ # fence -![Version: 0.1.15](https://img.shields.io/badge/Version-0.1.15-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.16](https://img.shields.io/badge/Version-0.1.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for gen3 Fence diff --git a/helm/fence/templates/fence-config.yaml b/helm/fence/templates/fence-config.yaml index cd7943d9..e594d072 100644 --- a/helm/fence/templates/fence-config.yaml +++ b/helm/fence/templates/fence-config.yaml @@ -1,4 +1,4 @@ -{{- if or (not .Values.global.externalSecrets.deploy) (and .Values.global.externalSecrets.deploy .Values.externalSecrets.createK8sFenceSecrets) }} +{{- if or (not .Values.global.externalSecrets.deploy) (and .Values.global.externalSecrets.deploy .Values.externalSecrets.createK8sFenceConfigSecret) }} apiVersion: v1 kind: Secret metadata: diff --git a/helm/fence/templates/fence-secret.yaml b/helm/fence/templates/fence-secret.yaml index 0c1e0832..7bd3675a 100644 --- a/helm/fence/templates/fence-secret.yaml +++ b/helm/fence/templates/fence-secret.yaml @@ -1,4 +1,3 @@ -{{- if or (not .Values.global.externalSecrets.deploy) (and .Values.global.externalSecrets.deploy .Values.externalSecrets.createK8sFenceSecrets) }} apiVersion: v1 kind: Secret metadata: @@ -6,6 +5,7 @@ metadata: type: Opaque data: {{ (.Files.Glob "fence-secret/*").AsSecrets | indent 2 }} +{{- if or (not .Values.global.externalSecrets.deploy) (and .Values.global.externalSecrets.deploy .Values.externalSecrets.createK8sGoogleAppSecrets) }} --- apiVersion: v1 kind: Secret diff --git a/helm/fence/templates/jwt-keys.yaml b/helm/fence/templates/jwt-keys.yaml index 68d72895..06d10f28 100644 --- a/helm/fence/templates/jwt-keys.yaml +++ b/helm/fence/templates/jwt-keys.yaml @@ -1,4 +1,4 @@ -{{- if or (not .Values.global.externalSecrets.deploy) (and .Values.global.externalSecrets.deploy .Values.externalSecrets.createK8sFenceSecrets) }} +{{- if or (not .Values.global.externalSecrets.deploy) (and .Values.global.externalSecrets.deploy .Values.externalSecrets.createK8sJwtKeysSecret) }} apiVersion: v1 kind: Secret metadata: diff --git a/helm/gen3/Chart.yaml b/helm/gen3/Chart.yaml index 864b445e..a6d27e51 100644 --- a/helm/gen3/Chart.yaml +++ b/helm/gen3/Chart.yaml @@ -32,7 +32,7 @@ dependencies: repository: file://../etl condition: etl.enabled - name: fence - version: 0.1.15 + version: 0.1.16 repository: "file://../fence" condition: fence.enabled - name: guppy @@ -44,7 +44,7 @@ dependencies: repository: "file://../hatchery" condition: hatchery.enabled - name: indexd - version: 0.1.12 + version: 0.1.13 repository: "file://../indexd" condition: indexd.enabled - name: manifestservice @@ -115,7 +115,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.22 +version: 0.1.23 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/helm/gen3/README.md b/helm/gen3/README.md index 50b8b7cd..89789e7d 100644 --- a/helm/gen3/README.md +++ b/helm/gen3/README.md @@ -1,6 +1,6 @@ # gen3 -![Version: 0.1.22](https://img.shields.io/badge/Version-0.1.22-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.23](https://img.shields.io/badge/Version-0.1.23-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) Helm chart to deploy Gen3 Data Commons @@ -25,10 +25,10 @@ Helm chart to deploy Gen3 Data Commons | file://../aws-es-proxy | aws-es-proxy | 0.1.8 | | file://../common | common | 0.1.9 | | file://../etl | etl | 0.1.0 | -| file://../fence | fence | 0.1.15 | +| file://../fence | fence | 0.1.16 | | file://../guppy | guppy | 0.1.10 | | file://../hatchery | hatchery | 0.1.8 | -| file://../indexd | indexd | 0.1.12 | +| file://../indexd | indexd | 0.1.13 | | file://../manifestservice | manifestservice | 0.1.12 | | file://../metadata | metadata | 0.1.10 | | file://../peregrine | peregrine | 0.1.11 | diff --git a/helm/indexd/Chart.yaml b/helm/indexd/Chart.yaml index 41608207..18a5f053 100644 --- a/helm/indexd/Chart.yaml +++ b/helm/indexd/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.12 +version: 0.1.13 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/helm/indexd/README.md b/helm/indexd/README.md index 55098555..d27514cb 100644 --- a/helm/indexd/README.md +++ b/helm/indexd/README.md @@ -1,6 +1,6 @@ # indexd -![Version: 0.1.12](https://img.shields.io/badge/Version-0.1.12-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.13](https://img.shields.io/badge/Version-0.1.13-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for gen3 indexd diff --git a/helm/indexd/templates/indexd-secret.yaml b/helm/indexd/templates/indexd-secret.yaml index d9fb1864..5b296ccf 100644 --- a/helm/indexd/templates/indexd-secret.yaml +++ b/helm/indexd/templates/indexd-secret.yaml @@ -1,4 +1,3 @@ -{{- if or (not .Values.global.externalSecrets.deploy) (and .Values.global.externalSecrets.deploy .Values.externalSecrets.createK8sServiceCredsSecret) }} apiVersion: v1 kind: Secret metadata: @@ -7,6 +6,7 @@ type: Opaque data: {{ (.Files.Glob "indexd-settings/*").AsSecrets | indent 2 }} --- +{{- if or (not .Values.global.externalSecrets.deploy) (and .Values.global.externalSecrets.deploy .Values.externalSecrets.createK8sServiceCredsSecret) }} apiVersion: v1 kind: Secret metadata: From f4f2194cd3277b5eabeb4e92addf7c97db4bd9d7 Mon Sep 17 00:00:00 2001 From: EliseCastle23 Date: Mon, 11 Mar 2024 13:52:16 -0600 Subject: [PATCH 2/2] adding updates to values.yaml for fence --- helm/fence/values.yaml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/helm/fence/values.yaml b/helm/fence/values.yaml index 973bb815..80a02953 100644 --- a/helm/fence/values.yaml +++ b/helm/fence/values.yaml @@ -80,8 +80,12 @@ global: # -- (map) External Secrets settings. externalSecrets: - # -- (string) Will create the Helm "fence-config", "fence-google-app-creds-secret", "fence-google-storage-creds-secret", and "fence-jwt-keys" secrets even if Secrets Manager is enabled. This is helpful if you are wanting to use External Secrets for some, but not all secrets. - createK8sFenceSecrets: false + # -- (string) Will create the Helm "fence-config" secret even if Secrets Manager is enabled. This is helpful if you are wanting to use External Secrets for some, but not all secrets. + createK8sFenceConfigSecret: false + # -- (string) Will create the Helm "fence-jwt-keys" secret even if Secrets Manager is enabled. This is helpful if you are wanting to use External Secrets for some, but not all secrets. + createK8sJwtKeysSecret: false + # -- (string) Will create the Helm "fence-google-app-creds-secret" and "fence-google-storage-creds-secret" secrets even if Secrets Manager is enabled. This is helpful if you are wanting to use External Secrets for some, but not all secrets. + createK8sGoogleAppSecrets: false # -- (string) Will override the name of the aws secrets manager secret. Default is "fence-jwt-keys" fenceJwtKeys: # -- (string) Will override the name of the aws secrets manager secret. Default is "fence-google-app-creds-secret"