From f6e58558f106eb6677c7f850221776940be70a71 Mon Sep 17 00:00:00 2001
From: Kavitha Thulasiraman <kavithathulasiraman@Kavithas-MacBook-Pro-2.local>
Date: Tue, 21 Sep 2021 14:53:29 -0400
Subject: [PATCH] add vault deployment

---
 chart/templates/vault/gitrepository.yaml      | 10 ++++
 chart/templates/vault/imagepullsecret.yaml    |  4 ++
 chart/templates/vault/namespace.yaml          |  4 ++
 .../vault/twistlock-helmrelease.yaml          | 56 +++++++++++++++++++
 chart/values.yaml                             | 12 ++++
 5 files changed, 86 insertions(+)
 create mode 100644 chart/templates/vault/twistlock-helmrelease.yaml

diff --git a/chart/templates/vault/gitrepository.yaml b/chart/templates/vault/gitrepository.yaml
index 5080999e5d..8b2a911c9a 100644
--- a/chart/templates/vault/gitrepository.yaml
+++ b/chart/templates/vault/gitrepository.yaml
@@ -1,4 +1,8 @@
+<<<<<<< HEAD
 {{- if and (not .Values.offline) .Values.addons.vault.enabled }}
+=======
+{{- if and (not .Values.offline) .Values.vault.enabled }}
+>>>>>>> eb61ff0b (add vault deployment)
 apiVersion: source.toolkit.fluxcd.io/v1beta1
 kind: GitRepository
 metadata:
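Review bot: Unresolved merge-conflict markers (`<<<<<<< HEAD`, `=======`, `>>>>>>> eb61ff0b (add vault deployment)`) are committed as template content at the top of this file, and both sides of the conflict are kept. That leaves two `{{- if ... }}` openers against the single `{{- end }}` visible in the second hunk, so the template should fail to parse. The second hunk of this file (which also duplicates the `url:` and `ref:` keys) and the hunks in imagepullsecret.yaml and namespace.yaml carry the same markers. Resolve each conflict to one side before merging; the values.yaml hunk places the new block under `addons:`, which suggests keeping `{{- if and (not .Values.offline) .Values.addons.vault.enabled }}` and dropping the `.Values.vault` variants. The template body continues outside this hunk.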
@@ -10,9 +14,15 @@ metadata:
     {{- include "commonLabels" . | nindent 4}}
 spec:
   interval: {{ .Values.flux.interval }}
+<<<<<<< HEAD
   url: {{ .Values.addons.vault.git.repo }}
   ref:
     {{- include "validRef" .Values.addons.vault.git | nindent 4 }}
+=======
+  url: {{ .Values.vault.git.repo }}
+  ref:
+    {{- include "validRef" .Values.vault.git | nindent 4 }}
+>>>>>>> eb61ff0b (add vault deployment)
   {{ include "gitIgnore" . }}
   {{- include "gitCreds" . | nindent 2 }}
 {{- end }}
diff --git a/chart/templates/vault/imagepullsecret.yaml b/chart/templates/vault/imagepullsecret.yaml
index cf24c17a26..14fb1f2697 100644
--- a/chart/templates/vault/imagepullsecret.yaml
+++ b/chart/templates/vault/imagepullsecret.yaml
@@ -1,4 +1,8 @@
+<<<<<<< HEAD
 {{- if .Values.addons.vault.enabled }}
+=======
+{{- if .Values.vault.enabled }}
+>>>>>>> eb61ff0b (add vault deployment)
 {{- if ( include "imagePullSecret" . ) }}
 apiVersion: v1
 kind: Secret
diff --git a/chart/templates/vault/namespace.yaml b/chart/templates/vault/namespace.yaml
index 6fdde08f2f..c0db24839d 100644
--- a/chart/templates/vault/namespace.yaml
+++ b/chart/templates/vault/namespace.yaml
@@ -1,4 +1,8 @@
+<<<<<<< HEAD
 {{- if .Values.addons.vault.enabled }}
+=======
+{{- if .Values.twistlock.enabled }}
+>>>>>>> eb61ff0b (add vault deployment)
 apiVersion: v1
 kind: Namespace
 metadata:
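Review bot: The incoming side of this conflict gates the vault Namespace on `.Values.twistlock.enabled`, which looks like a copy-paste leftover from another package. With that condition the namespace would be created or withheld according to an unrelated toggle, and a vault release could be pointed at a `targetNamespace` that this chart never created. When resolving the conflict, keep a single guard tied to the vault toggle, `{{- if .Values.addons.vault.enabled }}`. The rest of the Namespace manifest is outside this hunk.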
diff --git a/chart/templates/vault/twistlock-helmrelease.yaml b/chart/templates/vault/twistlock-helmrelease.yaml
new file mode 100644
index 0000000000..14e476fc10
--- /dev/null
+++ b/chart/templates/vault/twistlock-helmrelease.yaml
@@ -0,0 +1,56 @@
+{{- $fluxSettingsVault := merge .Values.vault.flux .Values.flux -}}
+{{- if .Values.vault.enabled }}
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: vault
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: vault
+    app.kubernetes.io/component: "sandbox"
+    {{- include "commonLabels" . | nindent 4}}
+spec:
+  targetNamespace: vault
+  chart:
+    spec:
+      chart: {{ .Values.vault.git.path }}
+      interval: 5m
+      sourceRef:
+        kind: GitRepository
+        name: vault
+        namespace: {{ .Release.Namespace }}
+
+  {{- toYaml $fluxSettingsVault | nindent 2 }}
+  
+  {{- if .Values.vault.postRenderers }}
+  postRenderers:
+  {{ toYaml .Values.vault.postRenderers | nindent 4 }}
+  {{- end }}
+  valuesFrom:
+    - name: {{ .Release.Name }}-vault-values
+      kind: Secret
+      valuesKey: "common"
+    - name: {{ .Release.Name }}-vault-values
+      kind: Secret
+      valuesKey: "defaults"
+    - name: {{ .Release.Name }}-vault-values
+      kind: Secret
+      valuesKey: "overlays"
+
+  # TODO: DRY this up
+  {{- if or .Values.gatekeeper.enabled .Values.istio.enabled }}
+  dependsOn:
+    {{- if .Values.gatekeeper.enabled }}
+    - name: gatekeeper
+      namespace: {{ .Release.Namespace }}
+    {{- end }}
+    {{- if .Values.istio.enabled }}
+    - name: istio
+      namespace: {{ .Release.Namespace }}
+    {{- end }}
+    {{- if .Values.monitoring.enabled }}
+    - name: monitoring
+      namespace: {{ .Release.Namespace }}
+    {{- end }}
+  {{- end }}
+{{- end }}
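Review bot: Every lookup in this new template reads `.Values.vault.*`, but the values.yaml hunk in this commit adds the block under `addons:` and defines no `flux` key. The first line runs outside the `enabled` guard, so `merge .Values.vault.flux .Values.flux` would most likely abort rendering of the whole chart on a nil value. I would add `flux: {}` to the values block and change the line to `{{- $fluxSettingsVault := merge .Values.addons.vault.flux .Values.flux -}}`, with the other `.Values.vault` references changed to match. The `monitoring` entry under `dependsOn` is only reachable when gatekeeper or istio is enabled; the outer condition should read `{{- if or .Values.gatekeeper.enabled .Values.istio.enabled .Values.monitoring.enabled }}`. The file is named `twistlock-helmrelease.yaml` although it defines the `vault` HelmRelease, and the `{{ .Release.Name }}-vault-values` Secret it reads is not created by this commit, so confirm that Secret exists elsewhere in the chart.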
diff --git a/chart/values.yaml b/chart/values.yaml
index 4cdee1d5cb..fde4b77714 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -564,6 +564,18 @@ addons:
     # -- Additional authservice chain configurations.
     chains: {}
 
+  # ----------------------------------------------------------------------------------------------------------------------  
+  # Vault
+ #
+  vault:
+  # -- Toggle deployment of vault.
+    enabled: true
+    git:
+      repo: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/vault.git
+      path: "./chart"
+      branch: "deploy-vault"
+  # ----------------------------------------------------------------------------------------------------------------------  
+
   # ----------------------------------------------------------------------------------------------------------------------
   # Minio Operator and Instance
   #
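Review bot: This block turns a package from the `apps/sandbox` group on by default (`enabled: true`) and tracks the mutable branch `deploy-vault`, so every cluster using the chart defaults would deploy whatever that branch currently holds. For a secrets-management component I would default to `enabled: false` and pin the source to an immutable ref, for example `tag: "<RELEASE_TAG>"` in place of `branch:`, assuming the `validRef` helper accepts a tag. The `#` on the third added line is indented one space instead of two, and the `# -- Toggle deployment of vault.` comment sits at the parent's indent rather than above `enabled:` at four spaces. Neither breaks parsing, but both should match the neighbouring stanzas.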
-- 
GitLab