34 lines
1.4 KiB
YAML
34 lines
1.4 KiB
YAML
|
{{- if .Values.global.enable_basicAuth }}
|
||
|
|
||
|
{{- $ironicUsername := "" -}}
|
||
|
{{- $ironicPassword := "" -}}
|
||
|
{{- $ironicSecretName := "ironic-basic-auth" -}}
|
||
|
|
||
|
# Check if the secret is deployed and has a password
|
||
|
{{- $oldIronicSecret := lookup "v1" "Secret" .Release.Namespace $ironicSecretName }}
|
||
|
{{- if and $oldIronicSecret (index $oldIronicSecret.data "username") (index $oldIronicSecret.data "password") }}
|
||
|
{{- $ironicUsername = b64dec (index $oldIronicSecret.data "username" | toString) -}}
|
||
|
{{- $ironicPassword = b64dec (index $oldIronicSecret.data "password" | toString) -}}
|
||
|
# If not, check if a username and password are provided in values.yaml
|
||
|
{{- else if and (.Values.global.auth.ironicUsername) (.Values.global.auth.ironicPassword) }}
|
||
|
{{- $ironicUsername = .Values.global.auth.ironicUsername -}}
|
||
|
{{- $ironicPassword = .Values.global.auth.ironicPassword -}}
|
||
|
{{- else }}
|
||
|
# If no username and password are provided in values.yaml, generate new ones
|
||
|
{{- $ironicUsername = "ironic" -}}
|
||
|
{{- $ironicPassword = (randAlphaNum 20) -}}
|
||
|
{{- end }}
|
||
|
apiVersion: v1
|
||
|
kind: Secret
|
||
|
metadata:
|
||
|
name: {{ $ironicSecretName }}
|
||
|
type: Opaque
|
||
|
data:
|
||
|
username: {{ $ironicUsername | b64enc }}
|
||
|
password: {{ $ironicPassword | b64enc }}
|
||
|
htpasswd: {{ b64enc (htpasswd $ironicUsername $ironicPassword) }}
|
||
|
auth-config: |
|
||
|
{{- printf "[ironic]\nauth_type=http_basic\nusername: %s\npassword: %s" $ironicUsername $ironicPassword | b64enc | nindent 4 }}
|
||
|
|
||
|
{{- end }}
|