search

NiklasRosenstein / nyl

Nyl facilitates the orchestration of infrastructure and application deployment pipelines across different tools, making them work together in a seamless manner.
https://niklasrosenstein.github.io/nyl/
1 stars 0 forks source link

Support string substitution in Helm charts #1

Open NiklasRosenstein opened 3 months ago

NiklasRosenstein commented 3 months ago

Nyl string substitution currently only works on top-level manifests that are fed directly to Nyl. It would however be quite convenient if a Helm chart referenced by Nyl could benefit from Nyl's string substition, for example to generate random passwords to pass into a nyl.io/StatefulSecret (which can already be generated in a Helm chart).

For example:

apiVersion: nyl.io/v1
kind: StatefulSecret
metadata:
  name: argocd-admin
  namespace: argocd
stringData:
  password: ${{ bcrypt(random_password(length=24)) }}

This resource currently must live outside of any Helm chart because Helm complains about the syntax.

There are two ways to go about this:

  1. Pre-process the chart; this has the disadvantage that it's still in unstructured form so it will be tricky to run through structed-templates
  2. Post-process the chart's generated resources; however this requires escaping for Helm to not complain about the syntax
NiklasRosenstein commented 3 months ago

Actually the syntax is not too ugly..

apiVersion: nyl.io/v1
kind: StatefulSecret
metadata:
  name: argocd-admin
  namespace: argocd
stringData:
  password: {{`${{ bcrypt(random_password(length=24)) }}`}}