0

I'm trying to use a helm chart to deploy my secrets as sealed secret, I have created a template for the sealed secret

apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
  name: {{ include "api.fullname" . }}
  namespace: api
  
spec:
  template:
    metadata: 
      name: {{ include "api.fullname" . }}
  encryptedData:
    {{- range $key, $val := .Values.encryptedData }}
    {{ $key }}: {{ $val }}
    {{- end }}

and in my deployment I'm setting the secret values as env variables

env:        
{{- range $key, $val := .Values.encryptedData }}
- name: {{ $key }}
  valueFrom:
    secretKeyRef:
      name: {{ include "sealedsecret.bitnami.com/api.fullname" $ }}
      key: {{ $key }}
{{- end }}

The problem is when I install the chart the sealed secret file is in sealedsecret.bitnami.com/api

how can reference that in the include part of the secretKeyRef

The error I'm getting when installing the chart

Error: template: joe-api/templates/deployment.yaml:42:25: executing "api/templates/deployment.yaml" at <include "sealedsecret.bitnami.com/api.fullname" $>: error calling include: template: no template "sealedsecret.bitnami.com/api.fullname" associated with template "gotpl"

any help would be appreciated

akano1
  • 40,596
  • 19
  • 54
  • 67

1 Answers1

0

SealedSecret creates Secret in your cluster with the same name as itself, see https://github.com/bitnami-labs/sealed-secrets#overview

Your SealedSecret name comes from chart fullname template - {{ include "api.fullname" . }}, but in deployment you are including undefined template, named sealedsecret.bitnami.com/api.fullname (you can check available templates in templates/_helpers.tpl file if you want)

So the snippet below should work:

env:        
{{- range $key, $val := .Values.encryptedData }}
- name: {{ $key }}
  valueFrom:
    secretKeyRef:
      name: {{ include "api.fullname" $ }}
      key: {{ $key }}
{{- end }}
Andrew
  • 3,912
  • 17
  • 28
  • Thanks for the reply, however I'm still getting an error template: api/templates/deployment.yaml:41:25: executing "api/templates/deployment.yaml" at : error calling include: template: no template "api.fullname" associated with template "gotpl" – akano1 Apr 04 '23 at 10:38
  • Ah, i always forget scope inside `range`, replaced `.` with `$`, should be fixed see https://stackoverflow.com/questions/61297149/using-include-inside-range-in-go-templates-helm – Andrew Apr 04 '23 at 10:50
  • I'm still getting the error – akano1 Apr 04 '23 at 10:54
  • How did you create your chart? Have you used `helm create api` to generate boilerplate chart? Do you have file `templates/_helpers.tpl`? Do you have `api.fullname` template defined inside it? – Andrew Apr 04 '23 at 11:04
  • yes I created it with helm create and I have the _helpers.tpl and in there there's an api.fullname – akano1 Apr 04 '23 at 11:24
  • sorry I had a mis spelling, it works now. thanks – akano1 Apr 04 '23 at 11:28