airshipctl/manifests/function/generate-secrets/generate-passphrases-template.yaml

apiVersion: airshipit.org/v1alpha1
kind: Templater
metadata:
  name: generate-passphrases-template
  annotations:
    config.kubernetes.io/function: |-
      container:
        image: quay.io/airshipit/templater:latest      
values:
  passphrases:
template: |
  {{- range $key, $val := .passphrases }}
  {{- $secretName := $key }}
  {{- $secret := $val }}
  ---
  apiVersion: v1
  kind: Secret
  type: Opaque
  metadata:
    name: {{ $secretName }}
    {{- if $secret.deployk8s }}
    namespace: {{ $secret.namespace | default "default" }}
    {{- end }}
    labels:
      airshipit.org/deploy-k8s: {{ $secret.deployk8s | default "false" }}
  data:
    {{range $secret.values -}}
      {{- if not .keyName }}
      {{- $_ := set . "keyName" "password" }}
      {{- end }}
      {{ if not .generationType -}}
        {{- fail "no valid generationType specified!" }}
      {{ end -}}
      {{if eq .generationType "static" -}}
        {{ .keyName }}: {{ .value | b64enc }}
      {{else if eq .generationType "randAscii" -}}
        {{ .keyName }}: {{ randAscii .length | b64enc }}
      {{else if eq .generationType "randAlpha" -}}
        {{ .keyName }}: {{ randAlpha .length | b64enc }}
      {{else if eq .generationType "randAlphaNum" -}}
        {{ .keyName }}: {{ randAlphaNum .length | b64enc }}
      {{else if eq .generationType "randNumeric" -}}
        {{ .keyName }}: {{ randNumeric .length | b64enc }}
      {{else if eq .generationType "regexGen" -}}
        {{ .keyName }}: {{ regexGen .regex (.limit | int) | b64enc }}
      {{else if eq .generationType "derivePassword" -}}
        {{ .keyName }}: {{ derivePassword (.length | toUint32) .passwordType .masterPassword .user .site | b64enc }}
      {{else -}}
        {{ $error := printf "%s is not a valid generationType!" .generationType }}
        {{- fail $error }}
      {{end}}
    {{end -}}
  {{end -}}