From 182a2d80b4ea50829debca7d4319c0a0e6f090eb Mon Sep 17 00:00:00 2001
From: Khue Doan <mail@khuedoan.com>
Date: Sat, 26 Feb 2022 10:43:35 +0700
Subject: [PATCH] refactor(gitea)!: use admin secret from vault

---
 platform/gitea/templates/admin-secret.yaml | 17 +++++++++++++++++
 platform/gitea/values.yaml                 |  3 +--
 2 files changed, 18 insertions(+), 2 deletions(-)
 create mode 100644 platform/gitea/templates/admin-secret.yaml

diff --git a/platform/gitea/templates/admin-secret.yaml b/platform/gitea/templates/admin-secret.yaml
new file mode 100644
index 00000000..bb6cd94f
--- /dev/null
+++ b/platform/gitea/templates/admin-secret.yaml
@@ -0,0 +1,17 @@
+apiVersion: external-secrets.io/v1alpha1
+kind: ExternalSecret
+metadata:
+  name: {{ .Values.gitea.gitea.admin.existingSecret }}
+  namespace: {{ .Release.Namespace }}
+spec:
+  secretStoreRef:
+    name: vault
+    kind: ClusterSecretStore
+  target:
+    template:
+      data:
+        username: gitea_admin
+  data:
+    - secretKey: password
+      remoteRef:
+        key: /gitea/admin-password
diff --git a/platform/gitea/values.yaml b/platform/gitea/values.yaml
index 39eaf878..f35f47e2 100644
--- a/platform/gitea/values.yaml
+++ b/platform/gitea/values.yaml
@@ -15,8 +15,7 @@ gitea:
           - *host
   gitea:
     admin:
-      # existingSecret: gitea-admin-secret
-      password: asdfasdfasdf  # TODO yes I know this is just for testing
+      existingSecret: gitea-admin-secret
     config:
       server:
         LANDING_PAGE: explore