add secret to wiki js

wiki.js/templates/secret.yaml

@@ -0,0 +1,18 @@
+apiVersion: external-secrets.io/v1alpha1
+kind: ExternalSecret
+metadata:
+  name: {{ .Values.wiki.postgresql.existingSecret }}
+#  namespace: external-secrets
+  namespace: {{ .Release.Namespace }}
+  metadata:
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: vault
+  target:
+    name: {{ .Values.wiki.postgresql.existingSecret }}
+  data:
+    - secretKey: postgresql-password
+      remoteRef:
+        key: secret/infotech
+        property: DB_PASSWORD

wiki.js/values.yml

@@ -1,18 +1,18 @@
 # Default values for wiki.
 # This is a YAML-formatted file.
 # Declare variables to be passed into your templates.
+wiki:
+  replicaCount: 1
 
-replicaCount: 1
-
-image:
+  image:
     repository: requarks/wiki
     imagePullPolicy: IfNotPresent
 
-imagePullSecrets: []
-nameOverride: ""
-fullnameOverride: ""
+  imagePullSecrets: []
+  nameOverride: ""
+  fullnameOverride: ""
 
-serviceAccount:
+  serviceAccount:
     # Specifies whether a service account should be created
     create: true
     # Annotations to add to the service account
@@ -21,21 +21,21 @@ serviceAccount:
     # If not set and create is true, a name is generated using the fullname template
     name:
 
-livenessProbe:
+  livenessProbe:
     httpGet:
       path: /healthz
       port: http
 
-readinessProbe:
+  readinessProbe:
     httpGet:
       path: /healthz
       port: http
 
-podSecurityContext:
+  podSecurityContext:
     {}
     # fsGroup: 2000
 
-securityContext:
+  securityContext:
     {}
     # capabilities:
     #   drop:
@@ -44,7 +44,7 @@ securityContext:
     # runAsNonRoot: true
     # runAsUser: 1000
 
-service:
+  service:
     type: ClusterIP
     port: 80
     # Annotations applied for services such as externalDNS or
@@ -53,14 +53,14 @@ service:
     # httpsPort: 443
     # annotations: {}
 
-ingress:
+  ingress:
     enabled: true
     annotations:
       {}
       # kubernetes.io/ingress.class: nginx
       # kubernetes.io/tls-acme: "true"
     hosts:
-    - host: infotech.kube.local
+      - host: "infotech.kube.local"
         paths:
           - path: "/"
             pathType: Prefix
@@ -70,7 +70,7 @@ ingress:
     #    hosts:
     #      - chart-example.local
 
-resources:
+  resources:
     {}
     # We usually recommend not to specify default resources and to leave this as a conscious
     # choice for the user. This also increases chances charts run on environments with little
@@ -83,18 +83,18 @@ resources:
     #   cpu: 100m
     #   memory: 128Mi
 
-nodeSelector: {}
+  nodeSelector: {}
 
-tolerations: []
+  tolerations: []
 
-affinity: {}
+  affinity: {}
 
-volumeMounts: []
+  volumeMounts: []
 
-volumes: []
+  volumes: []
 
-# This will allow us to install locales even without internet access using a initContainer & wikjs "sideloading"
-sideload:
+  # This will allow us to install locales even without internet access using a initContainer & wikjs "sideloading"
+  sideload:
     enabled: false
     # Git-Repo containing all locales.json-files you need:
     repoURL: https://github.com/Requarks/wiki-localization
@@ -104,10 +104,10 @@ sideload:
     #  - name: HTTPS_PROXY
     #    value: http://my.proxy.com:3128
 
-## Configuration values for the postgresql dependency.
-## ref: https://github.com/kubernetes/charts/blob/master/stable/postgresql/README.md
-##
-postgresql:
+  ## Configuration values for the postgresql dependency.
+  ## ref: https://github.com/kubernetes/charts/blob/master/stable/postgresql/README.md
+  ##
+  postgresql:
     ## Use the PostgreSQL chart dependency.
     ## Set to false if bringing your own PostgreSQL, and set secret value postgresql-uri.
     ##
@@ -141,7 +141,7 @@ postgresql:
     ## Persistent Volume Storage configuration.
     ## ref: https://kubernetes.io/docs/user-guide/persistent-volumes
     ##
-
+    existingSecret: postgresql-password
     replication:
       ## Enable PostgreSQL replication (primary/secondary)
       ##