kube: standardize top.secretRefs convention
Introduce a convention of declaring a secretsRefs:: object below cfg:: for containing all secretKeyRefs. The goal is to self-document all secrets that need to be created in order to deploy a service
Change-Id: I3a990d54f65a288f5e748262c576d2a120efd815
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1806
Reviewed-by: q3k <q3k@hackerspace.pl>
diff --git a/hswaw/ldapweb/prod.jsonnet b/hswaw/ldapweb/prod.jsonnet
index fbe537e..e3f6dff 100644
--- a/hswaw/ldapweb/prod.jsonnet
+++ b/hswaw/ldapweb/prod.jsonnet
@@ -11,7 +11,7 @@
image: 'registry.k0.hswaw.net/radex/ldapweb:20231123203042',
},
- secrets:: {
+ secretRefs:: {
admin_password: { secretKeyRef: { name: cfg.name, key: 'admin_password' } },
smtp_password: { secretKeyRef: { name: cfg.name, key: 'smtp_password' } },
},
@@ -37,10 +37,10 @@
LDAPWEB_ADMIN_GROUPS: 'ldap-admin,staff,zarzad',
LDAPWEB_ACTIVE_GROUPS: 'fatty,starving,potato',
LDAPWEB_ADMIN_DN: 'cn=ldapweb,ou=services,dc=hackerspace,dc=pl',
- LDAPWEB_ADMIN_PASSWORD: top.secrets.admin_password,
+ LDAPWEB_ADMIN_PASSWORD: top.secretRefs.admin_password,
LDAPWEB_PROTECTED_GROUPS: 'ldap-admin,staff,zarzad',
LDAPWEB_SMTP_USER: 'ldapweb',
- LDAPWEB_SMTP_PASSWORD: top.secrets.smtp_password,
+ LDAPWEB_SMTP_PASSWORD: top.secretRefs.smtp_password,
LDAPWEB_PAPERTRAIL_RECIPIENTS: 'zarzad@hackerspace.pl',
LDAPWEB_AVATAR_CACHE_TIMEOUT: '1800',
}