Redo values layout

3 files changed, 31 insertions, 24 deletions

diff --git a/templates/deployment.yaml b/templates/deployment.yaml
index f20e1a2..0d4f973 100644
--- a/templates/deployment.yaml
+++ b/templates/deployment.yaml
@@ -41,8 +41,14 @@ spec:
               containerPort: {{ .Values.service.port }}
               protocol: TCP
           envFrom:
+            {{- if .Values.secret.enabled }}
             - secretRef:
-                name: {{ with .Values.config.existingSecretName }}{{ . }}{{ else }}"{{ include "oauth2-proxy.fullname" . }}-env"{{ end }}
+                name: "{{ include "oauth2-proxy.fullname" . }}-env"
+            {{- end }}
+            {{- range .Values.envFrom.secretRef }}
+            - secretRef:
+                name: {{ .name }}
+            {{- end }}
           #livenessProbe:
           #  httpGet:
           #    path: /
diff --git a/templates/secret.yaml b/templates/secret.yaml
index 1e1061d..d91e319 100644
--- a/templates/secret.yaml
+++ b/templates/secret.yaml
@@ -1,4 +1,4 @@
-{{- if (eq .Values.config.existingSecretName "") }}
+{{- if .Values.secret.enabled }}
 apiVersion: v1
 kind: Secret
 metadata:
@@ -6,14 +6,14 @@ metadata:
   labels:
     {{- include "oauth2-proxy.labels" . | nindent 4 }}
 data:
-  OAUTH2_PROXY_PROVIDER: {{ .Values.config.provider | b64enc }}
-  OAUTH2_PROXY_CLIENT_ID: {{ .Values.config.clientId | b64enc }}
-  OAUTH2_PROXY_CLIENT_SECRET: {{ .Values.config.clientSecret | b64enc }}
-  OAUTH2_PROXY_REDIRECT_URL: {{ .Values.config.redirectUrl | b64enc }}
-  OAUTH2_PROXY_OIDC_ISSUER_URL: {{ .Values.config.oidcIssuerUrl | b64enc }}
-  OAUTH2_PROXY_EMAIL_DOMAIN: {{ .Values.config.emailDomain | b64enc }}
-  OAUTH2_PROXY_ALLOWED_GROUP: {{ .Values.config.allowedGroup | b64enc }}
-  OAUTH2_PROXY_COOKIE_SECRET: {{ .Values.config.cookieSecret | b64enc }}
-  OAUTH2_PROXY_HTTP_ADDRESS: {{ .Values.config.httpAddress | b64enc }}
-  OAUTH2_PROXY_UPSTREAM: {{ .Values.config.upstream | b64enc }}
+  OAUTH2_PROXY_PROVIDER: {{ .Values.secret.values.provider | b64enc }}
+  OAUTH2_PROXY_CLIENT_ID: {{ .Values.secret.values.clientId | b64enc }}
+  OAUTH2_PROXY_CLIENT_SECRET: {{ .Values.secret.values.clientSecret | b64enc }}
+  OAUTH2_PROXY_REDIRECT_URL: {{ .Values.secret.values.redirectUrl | b64enc }}
+  OAUTH2_PROXY_OIDC_ISSUER_URL: {{ .Values.secret.values.oidcIssuerUrl | b64enc }}
+  OAUTH2_PROXY_EMAIL_DOMAIN: {{ .Values.secret.values.emailDomain | b64enc }}
+  OAUTH2_PROXY_ALLOWED_GROUP: {{ .Values.secret.values.allowedGroup | b64enc }}
+  OAUTH2_PROXY_COOKIE_SECRET: {{ .Values.secret.values.cookieSecret | b64enc }}
+  OAUTH2_PROXY_HTTP_ADDRESS: {{ .Values.secret.values.httpAddress | b64enc }}
+  OAUTH2_PROXY_UPSTREAM: {{ .Values.secret.values.upstream | b64enc }}
 {{- end }}
diff --git a/values.yaml b/values.yaml
index cd7ba88..cee43d7 100644
--- a/values.yaml
+++ b/values.yaml
@@ -81,15 +81,16 @@ tolerations: []
 
 affinity: {}
 
-config:
-  existingSecretName: ""
-  allowedGroup: ""
-  clientId: ""
-  clientSecret: ""
-  cookieSecret: "{{ randAlphaNum 32 }}"
-  emailDomain: "*"
-  httpAddress: "0.0.0.0:4180"
-  oidcIssuerUrl: ""
-  proxyProvider: ""
-  redirectUrl: ""
-  upstream: ""
+secret:
+  enabled: true
+  values:
+    allowedGroup: ""
+    clientId: ""
+    clientSecret: ""
+    cookieSecret: "{{ randAlphaNum 32 }}"
+    emailDomain: "*"
+    httpAddress: "0.0.0.0:4180"
+    oidcIssuerUrl: ""
+    proxyProvider: ""
+    redirectUrl: ""
+    upstream: ""