0

I was trying to iterate through my values.yaml file objects

values.yaml

keyvault:
  name: mykv
  tenantId: ${tenantId}$
  clientid: "#{spid}#"
  clientsecret: "#{spsecret}#"
  secrets:
    - secret1
    - secret2
    - secret3

So here my requiremnt is to loopthrough each item of above "secrets" to below serviceproviderclass templates, "Data" and objectName fields. But its failing.

What I tried is as below.

{{- define "commonobject.secretproviderclass.tpl" -}}
{{- if eq .Values.secret.enabled true }}
apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
  name: {{ $.Release.Name }}-secretproviderclass
  labels:
    app: {{ $.Release.Name }}
    chart: "{{ $.Release.Name }}-{{ .Chart.Version }}"
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
spec:
  provider: azure
  secretObjects:
  - data:
      {{- range $key, $value := .Values.keyvault }}
      {{- range $value.secret }}
    - key: { . }
      {{- end }}
      {{- end }}
    secretName: {{ .Values.secret.keyvault.name }}
    type: opaque
  parameters:
    usePodIdentity: "false"
    useVMManagedIdentity: "false"
    userAssignedIdentityID: ""
    keyvaultName: {{ .Values.keyvault.name }}
    objects: |
      array:
        {{- range $key, $value := .Values.keyvault }}
        {{- range $value.secret }}
        - |
          objectName: {{ . }}
          objectType: secret
        {{- end }}
        {{- end }}
    tenantId: {{ .Values.keyvault.tenantid }}
{{- end }}
{{- end -}}
{{- define "commonobject.secretproviderclass" -}}
{{- template "commonobject.util.merge" (append . "commonobject.secretproviderclass.tpl") -}}
{{- end -}}
David Maze
  • 130,717
  • 29
  • 175
  • 215
Vowneee
  • 956
  • 10
  • 33
  • your template looks like it has a bunch of typos. i.e keyvault vs keyVault or `- key: {.} ` – The Fool Jun 07 '22 at 20:52
  • I corrected the Typo. its giving template error stating the objects couldnt find. Is it the right way which I tried to get the secretobject oneby one from the values.yaml file and iterate those secrets under Objects array and Data section of secretproviderclass ? I couldnt find any sample helm chart refernce where the secrets can be iterate through in any docs – Vowneee Jun 07 '22 at 21:21

1 Answers1

1

In your values.yaml file, .Values.keyvault is a single object that has keys name, secrets, etc. If you want to iterate through its secrets you just need a single range loop to do that.

  secretObjects:
  - data:
      {{- range .Values.keyvault.secrets }}{{/* <-- only one range loop */}}
    - key: { . }
      {{- end }}
    secretName: {{ .Values.secret.keyvault.name }}
    type: opaque

In the double loop you have now, $key and $value get set to each pair from .Values.keyvault in sequence; clientid and #{spid}#, clientsecret and #{spsecret}#, and so on; and then you try to iterate through those (often string-valued) values. For this use you don't need the outer loop.

David Maze
  • 130,717
  • 29
  • 175
  • 215
  • I accepted this answer and i have addedone more question on additional requirement on the same. https://stackoverflow.com/questions/72623274/helm-loopthrough-with-advaned-naming-functions. – Vowneee Jun 14 '22 at 21:06