From 6bb1c78b85682db8ef3e91e489d779004f13ba5f Mon Sep 17 00:00:00 2001 From: Wojtek Bednarzak Date: Fri, 10 Nov 2023 00:46:19 +0000 Subject: [PATCH] Add cloudflare.secretRef for custom secrets This will remove the need to create a secret if the user decides to bring their own secret. --- .../templates/deployment.yaml | 15 +++++++++++++++ .../templates/secret.yaml | 2 ++ .../values.yaml | 14 ++++++++++---- 3 files changed, 27 insertions(+), 4 deletions(-) diff --git a/helm/cloudflare-tunnel-ingress-controller/templates/deployment.yaml b/helm/cloudflare-tunnel-ingress-controller/templates/deployment.yaml index 426ddd0..1bc38fa 100644 --- a/helm/cloudflare-tunnel-ingress-controller/templates/deployment.yaml +++ b/helm/cloudflare-tunnel-ingress-controller/templates/deployment.yaml @@ -43,18 +43,33 @@ spec: - name: CLOUDFLARE_API_TOKEN valueFrom: secretKeyRef: + {{- if hasKey .Values.cloudflare "secretRef" }} + name: {{ .Values.cloudflare.secretRef.name }} + key: {{ .Values.cloudflare.secretRef.apiTokenKey }} + {{- else }} name: cloudflare-api key: api-token + {{- end }} - name: CLOUDFLARE_ACCOUNT_ID valueFrom: secretKeyRef: + {{- if hasKey .Values.cloudflare "secretRef" }} + name: {{ .Values.cloudflare.secretRef.name }} + key: {{ .Values.cloudflare.secretRef.accountIDKey }} + {{- else }} name: cloudflare-api key: cloudflare-account-id + {{- end }} - name: CLOUDFLARE_TUNNEL_NAME valueFrom: secretKeyRef: + {{- if hasKey .Values.cloudflare "secretRef" }} + name: {{ .Values.cloudflare.secretRef.name }} + key: {{ .Values.cloudflare.secretRef.tunnelNameKey }} + {{- else }} name: cloudflare-api key: cloudflare-tunnel-name + {{- end }} - name: NAMESPACE valueFrom: fieldRef: diff --git a/helm/cloudflare-tunnel-ingress-controller/templates/secret.yaml b/helm/cloudflare-tunnel-ingress-controller/templates/secret.yaml index 17522c0..b7b15ed 100644 --- a/helm/cloudflare-tunnel-ingress-controller/templates/secret.yaml +++ b/helm/cloudflare-tunnel-ingress-controller/templates/secret.yaml @@ -1,3 +1,4 @@ +{{- if not (hasKey .Values.cloudflare "secretRef") }} apiVersion: v1 kind: Secret metadata: @@ -6,3 +7,4 @@ stringData: api-token: "{{ .Values.cloudflare.apiToken }}" cloudflare-account-id: "{{ .Values.cloudflare.accountId }}" cloudflare-tunnel-name: "{{ .Values.cloudflare.tunnelName }}" +{{- end }} diff --git a/helm/cloudflare-tunnel-ingress-controller/values.yaml b/helm/cloudflare-tunnel-ingress-controller/values.yaml index 8efbb5e..c3475b5 100644 --- a/helm/cloudflare-tunnel-ingress-controller/values.yaml +++ b/helm/cloudflare-tunnel-ingress-controller/values.yaml @@ -2,11 +2,17 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. - cloudflare: - apiToken: "" - accountId: "" - tunnelName: "" + accountId: "" + tunnelName: "" + apiToken: "" + + # Uncomment if you would like to use an existing secret instead of the creating a new one. + # secretRef: + # name: cloudflare-external-secret + # accountIDKey: account_id + # tunnelNameKey: tunnel_name + # apiTokenKey: api_token ingressClass: name: cloudflare-tunnel