CH-170 fix secrets upgrade -- bad push

MetaCell · Jan 15, 2025 · b101e44 · b101e44
1 parent 04aa612
commit b101e44
Showing 1 changed file with 20 additions and 12 deletions.
diff --git a/deployment-configuration/helm/templates/auto-secrets.yaml b/deployment-configuration/helm/templates/auto-secrets.yaml
@@ -16,27 +16,35 @@ stringData:
     {{- if $v  }}
       {{- if eq (typeOf $v) "string" }}
         {{- if ne $v "?" }}
-  # Set secret value to value in values.yaml if specified
+        # Update/set value to value in values.yaml if specified
   {{ $k }}: {{ $v  | quote }}
-{{ $k }}-new: {{ "updated" }}
+#  {{ $k }}-updated: "it's a non empty string"
         {{- else }}
-  # Refresh at any deployment for ? (pure random) value
+        # Refresh at any deployment for ? (pure random) value
+#  {{ $k }}-random: "set to a random string"
   {{ $k }}: {{ randAlphaNum 20 | quote }}
-        {{- end }} 
-      {{- end }}
-    {{- else if eq (typeOf $secret.data) "map" }}
+        {{- end }}
+      {{- else }}
+      # Type not recognized: setting to a empty string"
+    {{ $k }}: "" 
+    # {{ $k }}-formatnotrecognized: {{ typeOf $v }}
+      {{- end }}  
+    {{- else if eq (typeOf $secret.data) (typeOf dict) }}
+    # Value empty or null in the values.yaml
       {{- if not (hasKey $secret.data $k) }}
-  # Create a random secret value if not specified in values.yaml if it is not set and it is not already in the deployed secret (static random secret) */}}
+      # Create a random secret value if not specified in values.yaml if it is not set and it is not already in the deployed secret (static random secret) */}}
+#  {{ $k }}-random-empty: new-random
   {{ $k }}: {{ randAlphaNum 20 | quote }} 
+      {{- else }}
+      # confirm previous value from the secret (static random secret already set, do nothing)
+#  {{ $k }}-confirm: {{ index $secret.data $k | quote }}  
       {{- end}}
-    {{- else }}
-  # This value should have been set in the values files or in the CI/CD pipeline"
-  {{ $k }}: "" 
     {{- end }}
-
-  {{- end }}
+  {{- end }} # range end
 {{- else }}
+# New secret
   {{- range $k, $v := .app.harness.secrets }}
+  {{ $k }}-new: {{ $v | default (randAlphaNum 20) | quote }}
   {{ $k }}: {{ $v | default (randAlphaNum 20) | quote }}
   {{- end }}
 {{- end }}