Add support for existing Secrets and External Secrets Operator
Enhanced secret management for API7 Gateway credentials with support for existing Secrets and External Secrets Operator integration. Changes: 1. Secret Configuration: - Added api7.gateway.existingSecret parameter for using existing secrets - Added api7.gateway.existingSecretKeys for custom key names - Modified secret-api7.yaml to only create secret if existingSecret is empty - Updated job-adc-sync.yaml to reference configurable secret name 2. Values.yaml Documentation: - Added comprehensive documentation for secret configuration options - Documented two approaches: inline config (dev) vs existing secret (prod) - Added example kubectl command for creating secrets manually - Included instructions for obtaining admin key from API7 EE 3. External Secrets Support: - Created externalsecret-api7.yaml.example with complete examples - Included examples for AWS Secrets Manager and HashiCorp Vault - Documented SecretStore configuration patterns 4. Documentation: - Created SECRET-MANAGEMENT.md comprehensive guide - Covered all secret management options (inline, manual, external) - Added security best practices and troubleshooting guide - Included examples for External Secrets Operator setup Benefits: - Improved security: Secrets not stored in values.yaml - Flexibility: Support for any secret management tool - Production-ready: Works with External Secrets Operator - Better practices: Clear separation of config vs secrets 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
d.viti
@@ -1,4 +1,4 @@
|
||||
{{- if .Values.api7.enabled }}
|
||||
{{- if and .Values.api7.enabled (not .Values.api7.gateway.existingSecret) }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
|
||||
Reference in New Issue
Block a user