Files
the-other-dude/infrastructure/helm/templates/secrets.yaml
Jason Staack aef94329f4 fix(helm): correct secret name references and add migration env var
- Secret resource now named with -secrets suffix to match all template refs
- Add CREDENTIAL_ENCRYPTION_KEY to migration init container (VPN migration needs it)
- Fix postgres secretKeyRef to use -secrets suffix

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 18:54:47 -05:00

21 lines
942 B
YAML

apiVersion: v1
kind: Secret
metadata:
name: {{ include "tod.fullname" . }}-secrets
labels:
{{- include "tod.labels" . | nindent 4 }}
type: Opaque
stringData:
JWT_SECRET_KEY: {{ .Values.secrets.jwtSecretKey | quote }}
CREDENTIAL_ENCRYPTION_KEY: {{ .Values.secrets.credentialEncryptionKey | quote }}
OPENBAO_TOKEN: {{ .Values.secrets.openbaoToken | quote }}
BAO_UNSEAL_KEY: {{ .Values.secrets.baoUnsealKey | quote }}
FIRST_ADMIN_EMAIL: {{ .Values.secrets.firstAdminEmail | quote }}
FIRST_ADMIN_PASSWORD: {{ .Values.secrets.firstAdminPassword | quote }}
DB_PASSWORD: {{ .Values.secrets.dbPassword | quote }}
DB_APP_PASSWORD: {{ .Values.secrets.dbAppPassword | quote }}
DB_POLLER_PASSWORD: {{ .Values.secrets.dbPollerPassword | quote }}
POLLER_DATABASE_URL: {{ include "tod.pollerDatabaseUrl" . | quote }}
SMTP_USER: {{ .Values.secrets.smtpUser | quote }}
SMTP_PASSWORD: {{ .Values.secrets.smtpPassword | quote }}