kube_clusterSourceKubeClusterStandardESOExternalSecret

class ExternalSecret

Definitions

TemplateRef = Struct.new(:secret, :template_value)

Returned by .template — carries the secret ref and template value. When the env hash is processed, the key becomes both the env var name and the secret template data key.

KeyRef = Struct.new(:secret, :key_name)

Returned by .key — carries the secret ref and key name. When the volume_mounts hash is processed, this tells the volume processing layer to mount a single key from the secret as a file.

def template(template_string)

Returns a TemplateRef. The env hash processor calls .register! on the ref to wire up the template data and remote properties.

Implementation

 
def template(template_string)
  TemplateRef.new(self, template_string)
end

def key(key_name)

Returns a KeyRef for mounting a single key from this secret as a file. The volume processing layer uses this to generate the volume and mount.

Implementation

 
def key(key_name)
  KeyRef.new(self, key_name)
end

def register_template!(env_key, template_string)

Called by env processing to register a template entry.

Implementation

 
def register_template!(env_key, template_string)
  @_template_data[env_key] = template_string

  template_string.scan(/\{\{\s*\.(\w+)\s*\}\}/) do |match|
    @_remote_properties[match[0]] = true
  end

  @data.spec.target.template = { data: @_template_data }
  @data.spec.data = @_remote_properties.keys.map do |prop|
    { secretKey: prop, remoteRef: { key: @remote_key, property: prop } }
  end
end