bug: fix validation of username/password before creating imagepullsecret

b6c877ff · Josh Wolf · 9ce50639 · b6c877ff · b6c877ff
Commit b6c877ff authored 4 years ago by Josh Wolf
--- a/chart/templates/_helpers.tpl
+++ b/chart/templates/_helpers.tpl
@@ -6,9 +6,11 @@
    {{- include "multipleCreds" . | b64enc }}
    {{- else if eq $credType "map[string]interface {}" }}
      {{- /* If we have a map, treat those as key-value pairs. */ -}}
+      {{- if and .Values.registryCredentials.username .Values.registryCredentials.password }}
      {{- with .Values.registryCredentials }}
      {{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" .registry .username .password .email (printf "%s:%s" .username .password | b64enc) | b64enc }}
      {{- end }}
+      {{- end }}
    {{- end -}}
  {{- end }}
 {{- end }}
@@ -16,14 +18,17 @@
 {{- define "multipleCreds" -}}
 {
  "auths": {
-    {{- $length := len .Values.registryCredentials }}
-    {{- range $index, $entry := .Values.registryCredentials }}
-    "{{- $entry.registry }}": {
-      "username{{ $index }}":"{{- $entry.username }}",
-      "password":"{{- $entry.password }}",
-      "email":"{{- $entry.email }}",
-      "auth":"{{- (printf "%s:%s" $entry.username $entry.password | b64enc) }}"
-    }{{- if ne $length (add $index 1) }},{{- end }}
+    {{- range $i, $m := .Values.registryCredentials }}
+    {{- /* Only create entry if resulting entry is valid */}}
+    {{- if and $m.registry $m.username $m.password }}
+    {{- if $i }},{{ end }}
+    "{{ $m.registry }}": {
+      "username": "{{ $m.username }}",
+      "password": "{{ $m.password }}",
+      "email": "{{ $m.email | default "" }}",
+      "auth": "{{ printf "%s:%s" $m.username $m.password | b64enc }}"
+    }
+    {{- end }}
    {{- end }}
  }
 }

--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -4,28 +4,23 @@ hostname: bigbang.dev
 # TODO: All this does right now is toggle GitRepositories, it is _not_ fully functional
 offline: false

-registryCredentials: ~
 # Regisitires can be an explicit map of registries as provided here
-# registryCredentials:
-#   registry: registry1.dso.mil
-#   username: ""
-#   password: ""
-#   email: ""
+registryCredentials:
+  registry: registry1.dso.mil
+  username: ""
+  password: ""
+  email: ""

 # Or a list of registires:
-# registryCredentials:
-# - registry: registry.dso.mil
-#   username: user.name
-#   password: user-secret
-#   email: xxx@xxx.xxx
-# - registry: registry1.dso.mil
-#   username: user.name
-#   password: user-secret
-#   email: xxx@xxx.xxx
-# - registry: registry.example.com
-#   username: user.name
-#   password: user-secret
-#   email: xxx@xxx.xxx
+#registryCredentials:
+#  - registry: registry1.dso.mil
+#    username: ""
+#    password: ""
+#    email: ""
+#  - registry: registry.dso.mil
+#    username: ""
+#    password: ""
+#    email: ""

 # Global git values
 # Order of precedence is: