[idrac6] Use secrets for iDRAC login details (#16)

charts/idrac6/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v1
 appVersion: '0.5'
 description: iDRAC 6 web interface and VNC proxy
 name: idrac6
-version: 0.0.1
+version: 0.0.2
 keywords:
   - dell
   - idrac

charts/idrac6/ci/test-values.yaml

@@ -1,5 +1,5 @@
 ---
 idrac:
   host: test
-  user: root
+  username: root
   password: calvin

charts/idrac6/templates/deployment.yaml

@@ -62,11 +62,20 @@ spec:
             - name: GROUP_ID
               value: "{{ .Values.pgid }}"
             - name: IDRAC_HOST
-              value: "{{ .Values.idrac.host }}"
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.existingSecretName | default (printf "%s-secret" (include "idrac6.fullname" .)) }}
+                  key: idrac.host
             - name: IDRAC_USER
-              value: "{{ .Values.idrac.user }}"
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.existingSecretName | default (printf "%s-secret" (include "idrac6.fullname" .)) }}
+                  key: idrac.username
             - name: IDRAC_PASSWORD
-              value: "{{ .Values.idrac.password }}"
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.existingSecretName | default (printf "%s-secret" (include "idrac6.fullname" .)) }}
+                  key: idrac.password
             - name: IDRAC_PORT
               value: "{{ .Values.idrac.port }}"
             - name: IDRAC_KEYCODE_HACK

charts/idrac6/templates/secrets.yaml

@@ -0,0 +1,17 @@
+---
+{{- if not (.Values.existingSecretName) }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "idrac6.fullname" . }}-secret
+  labels:
+    app.kubernetes.io/name: {{ include "idrac6.name" . }}
+    helm.sh/chart: {{ include "idrac6.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ include "idrac6.name" . }}
+type: Opaque
+data:
+  idrac.host: {{ .Values.idrac.host | b64enc }}
+  idrac.username: {{ .Values.idrac.username | b64enc }}
+  idrac.password: {{ .Values.idrac.password | b64enc }}
+{{- end }}

charts/idrac6/values.yaml

@@ -28,11 +28,14 @@ timezone: UTC
 puid: 1000
 pgid: 1000
 
+# Existing secret, overrides idrac values
+# existingSecret: test
+
 # iDRAC connection details
 idrac:
   host:
-  user:
-  password:
+  username: root
+  password: calvin
   port: 443
   keycode_hack: false