Breakout secrets into individual files

chart/templates/logging/eck-operator/imagepullsecret.yaml

+{{- if or .Values.eckoperator.enabled .Values.logging.enabled .Values.clusterAuditor.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: private-registry
+  namespace: eck-operator
+  labels:
+    app.kubernetes.io/name: eck-operator
+    app.kubernetes.io/component: "core"
+    {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/dockerconfigjson
+data:
+  .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file

chart/templates/logging/eck-operator/namespace.yaml

@@ -7,19 +7,4 @@ metadata:
     app.kubernetes.io/name: eck-operator
     app.kubernetes.io/component: "core"
     {{- include "commonLabels" . | nindent 4}}
----
-{{- if ( include "imagePullSecret" . ) }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: private-registry
-  namespace: eck-operator
-  labels:
-    app.kubernetes.io/name: eck-operator
-    app.kubernetes.io/component: "core"
-    {{- include "commonLabels" . | nindent 4}}
-type: kubernetes.io/dockerconfigjson
-data:
-  .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
 {{- end }}
\ No newline at end of file

chart/templates/logging/elasticsearch-kibana/imagepullsecret.yaml

+{{- if or .Values.logging.enabled .Values.clusterAuditor.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: private-registry
+  namespace: logging
+  labels:
+    app.kubernetes.io/name: logging
+    app.kubernetes.io/component: "core"
+    {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/dockerconfigjson
+data:
+  .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file

chart/templates/logging/elasticsearch-kibana/namespace.yaml

@@ -18,19 +18,4 @@ metadata:
     app.kubernetes.io/component: "core"
     {{- include "commonLabels" . | nindent 4}}
     istio-injection: {{ $istioInjection }}
----
-{{- if ( include "imagePullSecret" . ) }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: private-registry
-  namespace: logging
-  labels:
-    app.kubernetes.io/name: logging
-    app.kubernetes.io/component: "core"
-    {{- include "commonLabels" . | nindent 4}}
-type: kubernetes.io/dockerconfigjson
-data:
-  .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
 {{- end }}
\ No newline at end of file

chart/templates/mattermost/mattermost/imagepullsecret.yaml

+{{- if .Values.addons.mattermost.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: private-registry
+  namespace: mattermost
+  labels:
+    app.kubernetes.io/name: mattermost
+    app.kubernetes.io/component: "collaboration-tools"
+    {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/dockerconfigjson
+data:
+  .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file

chart/templates/mattermost/mattermost/namespace.yaml

@@ -8,60 +8,4 @@ metadata:
     app.kubernetes.io/component: "collaboration-tools"
     {{- include "commonLabels" . | nindent 4}}
   name: mattermost
-
----
-{{- if ( include "imagePullSecret" . ) }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: private-registry
-  namespace: mattermost
-  labels:
-    app.kubernetes.io/name: mattermost
-    app.kubernetes.io/component: "collaboration-tools"
-    {{- include "commonLabels" . | nindent 4}}
-type: kubernetes.io/dockerconfigjson
-data:
-  .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
-
----
-{{- with .Values.addons.mattermost.database }}
-{{- if and .username .password .host .port .database }}
-apiVersion: v1
-kind: Secret
-type: Opaque
-metadata:
-  name: mattermost-database-secret
-  namespace: mattermost
-  labels:
-    app.kubernetes.io/name: mattermost
-    app.kubernetes.io/component: "collaboration-tools"
-    {{- include "commonLabels" $ | nindent 4}}
-stringData:
-  DB_CONNECTION_CHECK_URL: "postgres://{{ .username }}:{{ .password }}@{{ .host }}:{{ .port }}/{{ .database }}?connect_timeout=10&sslmode={{ .ssl_mode | default "disable" }}"
-  DB_CONNECTION_STRING: "postgres://{{ .username }}:{{ .password }}@{{ .host }}:{{ .port }}/{{ .database }}?connect_timeout=10&sslmode={{ .ssl_mode | default "disable" }}"
-{{- end }}
-{{- end }}
-
----
-{{- with .Values.addons.mattermost.objectStorage }}
-{{- if and .endpoint .accessKey .accessSecret .bucket }}
-apiVersion: v1
-kind: Secret
-type: Opaque
-metadata:
-  name: "mattermost-objectstorage-secret"
-  namespace: mattermost
-  labels:
-    app.kubernetes.io/name: mattermost
-    app.kubernetes.io/component: "collaboration-tools"
-    {{- include "commonLabels" $ | nindent 4}}
-data:
-  accesskey: {{ .accessKey | b64enc }}
-  secretkey: {{ .accessSecret | b64enc }}
-{{- end }}
-{{- end }}
-
----
 {{- end }}
\ No newline at end of file

chart/templates/mattermost/mattermost/secret-database.yaml

+{{- if .Values.addons.mattermost.enabled }}
+{{- with .Values.addons.mattermost.database }}
+{{- if and .username .password .host .port .database }}
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+  name: mattermost-database-secret
+  namespace: mattermost
+  labels:
+    app.kubernetes.io/name: mattermost
+    app.kubernetes.io/component: "collaboration-tools"
+    {{- include "commonLabels" $ | nindent 4}}
+stringData:
+  DB_CONNECTION_CHECK_URL: "postgres://{{ .username }}:{{ .password }}@{{ .host }}:{{ .port }}/{{ .database }}?connect_timeout=10&sslmode={{ .ssl_mode | default "disable" }}"
+  DB_CONNECTION_STRING: "postgres://{{ .username }}:{{ .password }}@{{ .host }}:{{ .port }}/{{ .database }}?connect_timeout=10&sslmode={{ .ssl_mode | default "disable" }}"
+{{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file

chart/templates/mattermost/mattermost/secret-objectstore.yaml

+{{- if .Values.addons.mattermost.enabled }}
+{{- with .Values.addons.mattermost.objectStorage }}
+{{- if and .endpoint .accessKey .accessSecret .bucket }}
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+  name: "mattermost-objectstorage-secret"
+  namespace: mattermost
+  labels:
+    app.kubernetes.io/name: mattermost
+    app.kubernetes.io/component: "collaboration-tools"
+    {{- include "commonLabels" $ | nindent 4}}
+data:
+  accesskey: {{ .accessKey | b64enc }}
+  secretkey: {{ .accessSecret | b64enc }}
+{{- end }}
+{{- end }}
+{{- end }}

chart/templates/mattermost/operator/imagepullsecret.yaml

+{{- if or .Values.addons.mattermostoperator.enabled .Values.addons.mattermost.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: private-registry
+  namespace: mattermost-operator
+  labels:
+    app.kubernetes.io/name: mattermost-operator
+    app.kubernetes.io/component: "collaboration-tools"
+    {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/dockerconfigjson
+data:
+  .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file

chart/templates/mattermost/operator/namespace.yaml

@@ -8,19 +8,4 @@ metadata:
     app.kubernetes.io/name: mattermost-operator
     app.kubernetes.io/component: "collaboration-tools"
     {{- include "commonLabels" . | nindent 4}}
-{{- if ( include "imagePullSecret" . ) }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: private-registry
-  namespace: mattermost-operator
-  labels:
-    app.kubernetes.io/name: mattermost-operator
-    app.kubernetes.io/component: "collaboration-tools"
-    {{- include "commonLabels" . | nindent 4}}
-type: kubernetes.io/dockerconfigjson
-data:
-  .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
 {{- end }}

chart/templates/minio/minio-operator/imagepullsecret.yaml

+{{- if or .Values.addons.mattermostoperator.enabled .Values.addons.mattermost.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: private-registry
+  namespace: mattermost-operator
+  labels:
+    app.kubernetes.io/name: mattermost-operator
+    app.kubernetes.io/component: "collaboration-tools"
+    {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/dockerconfigjson
+data:
+  .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file

chart/templates/minio/minio/imagepullsecret.yaml

+{{- if .Values.addons.minio.enabled }}
+{{- if (   include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: private-registry
+  namespace: minio
+type: kubernetes.io/dockerconfigjson
+data:
+  .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file

chart/templates/minio/minio/namespace.yaml

@@ -8,26 +8,4 @@ metadata:
     app.kubernetes.io/name: minio
     app.kubernetes.io/component: "application-utilities"
     {{- include "commonLabels" . | nindent 4}}
----
-{{- if (   include "imagePullSecret" . ) }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: private-registry
-  namespace: minio
-type: kubernetes.io/dockerconfigjson
-data:
-  .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
----
-# probably want to get rid of this eventually
-apiVersion: v1
-kind: Secret
-metadata:
-  name: minio-root-creds-secret
-  namespace: minio
-type: Opaque
-data:
-  accesskey: {{ .Values.addons.minio.accesskey | default "minio" | b64enc }}
-  secretkey: {{ .Values.addons.minio.secretkey | default "minio123" | b64enc }}
 {{- end }}

chart/templates/minio/minio/secret.yaml

+{{- if .Values.addons.minio.enabled }}
+# probably want to get rid of this eventually
+apiVersion: v1
+kind: Secret
+metadata:
+  name: minio-root-creds-secret
+  namespace: minio
+type: Opaque
+data:
+  accesskey: {{ .Values.addons.minio.accesskey | default "minio" | b64enc }}
+  secretkey: {{ .Values.addons.minio.secretkey | default "minio123" | b64enc }}
+{{- end }}
\ No newline at end of file

chart/templates/monitoring/imagepullsecret.yaml

+{{- if .Values.monitoring.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: private-registry
+  namespace: monitoring
+  labels:
+    app.kubernetes.io/name: monitoring
+    app.kubernetes.io/component: "core"
+    {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/dockerconfigjson
+data:
+  .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file

chart/templates/monitoring/namespace.yaml

@@ -7,19 +7,4 @@ metadata:
     app.kubernetes.io/name: monitoring
     app.kubernetes.io/component: "core"
     {{- include "commonLabels" . | nindent 4}}
----
-{{- if ( include "imagePullSecret" . ) }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: private-registry
-  namespace: monitoring
-  labels:
-    app.kubernetes.io/name: monitoring
-    app.kubernetes.io/component: "core"
-    {{- include "commonLabels" . | nindent 4}}
-type: kubernetes.io/dockerconfigjson
-data:
-  .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
 {{- end }}
\ No newline at end of file

chart/templates/sonarqube/imagepullsecret.yaml

+{{- if .Values.addons.sonarqube.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: private-registry
+  namespace: sonarqube
+type: kubernetes.io/dockerconfigjson
+data:
+  .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}

chart/templates/sonarqube/namespace.yaml

@@ -3,27 +3,4 @@ apiVersion: v1
 kind: Namespace
 metadata:
   name: sonarqube
----
-{{- if ( include "imagePullSecret" . ) }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: private-registry
-  namespace: sonarqube
-type: kubernetes.io/dockerconfigjson
-data:
-  .dockerconfigjson: {{ template "imagePullSecret" . }}
-{{- end }}
----
-# create database secret
-{{- if and .Values.addons.sonarqube.database.host .Values.addons.sonarqube.database.username .Values.addons.sonarqube.database.password .Values.addons.sonarqube.database.database .Values.addons.sonarqube.database.port }}
-apiVersion: v1
-kind: Secret
-metadata:
-    name: sonarqube-db-secret
-    namespace: sonarqube
-type: kubernetes.io/opaque
-stringData:
-    postgresql-password: {{ .Values.addons.sonarqube.database.password }}
-{{- end }}
 {{- end }}

chart/templates/sonarqube/secret-database.yaml

+{{- if .Values.addons.sonarqube.enabled }}
+# create database secret
+{{- if and .Values.addons.sonarqube.database.host .Values.addons.sonarqube.database.username .Values.addons.sonarqube.database.password .Values.addons.sonarqube.database.database .Values.addons.sonarqube.database.port }}
+apiVersion: v1
+kind: Secret
+metadata:
+    name: sonarqube-db-secret
+    namespace: sonarqube
+type: kubernetes.io/opaque
+stringData:
+    postgresql-password: {{ .Values.addons.sonarqube.database.password }}
+{{- end }}
+{{- end }}

chart/templates/twistlock/imagepullsecret.yaml

+{{- if .Values.twistlock.enabled }}
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: private-registry
+  namespace: twistlock
+  labels:
+    app.kubernetes.io/name: twistlock
+    app.kubernetes.io/component: "security"
+    {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/dockerconfigjson
+data:
+  .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+{{- end }}
\ No newline at end of file