Merge pull request #41 from streamnative/john/strip-as-secret

Stripe key as secret
streamnative · Apr 28, 2022 · dc75d78 · dc75d78
2 parents 4075033 + f5795c5
commit dc75d78
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 6 deletions.
diff --git a/modules/cloud-manager-agent/chart/templates/deployment.yaml b/modules/cloud-manager-agent/chart/templates/deployment.yaml
@@ -49,6 +49,15 @@ spec:
       terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
       containers:
       - name: agent
+        {{ $stripeKeySecretName := .Values.appConfig.applicationAgentProperties.stripeKeySecretName }}
+        {{- if $stripeKeySecretName }}
+        env:
+        - name: STRIPE_DEFAULT_SECRET_API_KEY
+          valueFrom:
+            secretKeyRef:
+              name: {{ $stripeKeySecretName | quote }}
+              key: {{ .Values.appConfig.applicationAgentProperties.stripeKeySecretKey | quote }}
+        {{- end }}
         image: {{ include "cloud-manager-agent.image" . }}
         imagePullPolicy: {{ .Values.image.pullPolicy }}
         readinessProbe:
@@ -89,9 +98,6 @@ spec:
             items:
               - key: application-default.properties
                 path: application-agent.properties
-        # - name: cloud-manager-agent-tls
-        #   secret:
-        #     secretName: ctl-tls
         - name: data
           emptyDir: {}
       {{- with .Values.nodeSelector }}

diff --git a/modules/cloud-manager-agent/chart/values.yaml b/modules/cloud-manager-agent/chart/values.yaml
@@ -40,6 +40,8 @@ rbac:
 
 appConfig:
   applicationAgentProperties:
+    stripeKeySecretName: ""
+    stripeKeySecretKey: key
     raw: ""
   applicationProperties: |
     logging.level.org.apache=INFO

diff --git a/modules/cloud-manager-agent/values.yaml.tftpl b/modules/cloud-manager-agent/values.yaml.tftpl
@@ -1,5 +1,21 @@
 appConfig:
   applicationAgentProperties:
-    kubernetesExternalSecret:
-      enabled: true
-      secretName: cloud-manager-agent-extra-${environment}
+    stripeKeySecretName: stripe
+%{ if environment == "test" }
+    raw: |
+      spring.security.oauth2.resourceserver.jwt.issuer-uri=https://auth.test.cloud.gcp.streamnative.dev/
+      cloud.api.audience=https://api.test.cloud.gcp.streamnative.dev
+      spring.security.oauth2.resourceserver.jwt.audience=https://api.test.cloud.gcp.streamnative.dev
+%{ else }
+%{ if environment == "staging" }
+    raw: |
+      spring.security.oauth2.resourceserver.jwt.issuer-uri=https://auth.sncloud-stg.dev/
+      cloud.api.audience=https://api.sncloud-stg.dev
+      spring.security.oauth2.resourceserver.jwt.audience=https://api.sncloud-stg.dev
+%{ else }
+    raw: |
+      spring.security.oauth2.resourceserver.jwt.issuer-uri=https://auth.streamnative.cloud/
+      cloud.api.audience=https://api.streamnative.cloud
+      spring.security.oauth2.resourceserver.jwt.audience=https://api.streamnative.cloud
+%{ endif }
+%{ endif }