OPSEXP-2296 update secretkeyref approach

charts/alfresco-connector-msteams/README.md

@@ -28,9 +28,12 @@ A Helm chart for deploying Alfresco connector msteams service
 | livenessProbe.initialDelaySeconds | int | `10` |  |
 | livenessProbe.periodSeconds | int | `20` |  |
 | livenessProbe.timeoutSeconds | int | `10` |  |
-| microsoft.app.id | string | `"change_me_app_id"` |  |
+| microsoft.app.existingSecret.keys.id | string | `"change_me_app_id"` |  |
+| microsoft.app.existingSecret.keys.password | string | `"change_me_app_pwd"` |  |
+| microsoft.app.existingSecret.name | string | `nil` |  |
+| microsoft.app.id | string | `nil` |  |
 | microsoft.app.oauth.connectionName | string | `"alfresco"` |  |
-| microsoft.app.password | string | `"change_me_app_pwd"` |  |
+| microsoft.app.password | string | `nil` |  |
 | nodeSelector | object | `{}` |  |
 | podSecurityContext.runAsNonRoot | bool | `true` |  |
 | podSecurityContext.runAsUser | int | `33041` |  |

charts/alfresco-connector-msteams/templates/config-connector-msteams.yaml

@@ -12,8 +12,6 @@ data:
   {{- end }}
   {{- end }}
   ALFRESCO_DIGITAL_WORKSPACE_CONTEXT_PATH: "{{ .Values.alfresco.digitalWorkspace.contextPath }}"
-  MICROSOFT_APP_ID: "{{ .Values.microsoft.app.id }}"
-  MICROSOFT_APP_PASSWORD: "{{ .Values.microsoft.app.password }}"
   MICROSOFT_APP_OAUTH_CONNECTION_NAME: "{{ .Values.microsoft.app.oauth.connectionName }}"
   TEAMS_CHAT_FILENAME_ENABLED: "{{ .Values.teams.chat.filenameEnabled }}"
   TEAMS_CHAT_METADATA_ENABLED: "{{ .Values.teams.chat.metadataEnabled }}"

charts/alfresco-connector-msteams/templates/deployment-connector-msteams.yaml

@@ -69,11 +69,23 @@ spec:
           env:
             {{- $msteamsCmCtx := dict "Values" (dict "nameOverride" "repo-teams") "Chart" .Chart "Release" .Release }}
             {{- $msteamsCm := coalesce .Values.repository.existingConfigMap.name (include "alfresco-connector-msteams.fullname" $msteamsCmCtx) }}
+            {{- $msSecretCtx := dict "Values" (dict "nameOverride" "msteams-se") "Chart" .Chart "Release" .Release }}
+            {{- $msSecret := coalesce .Values.microsoft.app.existingSecret.name (include "alfresco-connector-msteams.fullname" $msSecretCtx) }}
             - name: ALFRESCO_BASE_URL
               valueFrom:
                 configMapKeyRef:
                   name: {{ $msteamsCm }}
                   key: {{ .Values.repository.existingConfigMap.keys.url }}
+            - name: MICROSOFT_APP_ID
+              valueFrom:
+                secretKeyRef:
+                  name: {{ $msSecret }}
+                  key: {{ .Values.microsoft.app.existingSecret.keys.id }}
+            - name: MICROSOFT_APP_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ $msSecret }}
+                  key: {{ .Values.microsoft.app.existingSecret.keys.password }}
           ports:
               - containerPort: {{ .Values.image.internalPort }}
           resources: {{- toYaml .Values.resources | nindent 12 }}

charts/alfresco-connector-msteams/templates/secret-msteams.yaml

@@ -0,0 +1,13 @@
+{{- if not .Values.microsoft.app.existingSecret.name }}
+apiVersion: v1
+kind: Secret
+metadata:
+  {{- $secretCtx := dict "Values" (dict "nameOverride" "msteams-se") "Chart" .Chart "Release" .Release }}
+  name: {{ template "alfresco-connector-msteams.fullname" $secretCtx }}
+  labels:
+    {{- include "alfresco-connector-msteams.labels" . | nindent 4 }}
+type: Opaque
+data:
+  MICROSOFT_APP_ID: {{ .Values.microsoft.app.id | quote }}
+  MICROSOFT_APP_PASSWORD: {{ .Values.microsoft.app.password | quote }}
+{{- end }}

charts/alfresco-connector-msteams/values.yaml

@@ -44,10 +44,15 @@ alfresco:
     contextPath: /workspace/
 microsoft:
   app:
-    id: change_me_app_id
-    password: change_me_app_pwd
+    id: null
+    password: null
     oauth:
       connectionName: alfresco
+    existingSecret:
+      name: null
+      keys:
+        id: change_me_app_id
+        password: change_me_app_pwd
 teams:
   chat:
     filenameEnabled: true