From 23191ef5a3ab12eec8876455efd6332a36e3889c Mon Sep 17 00:00:00 2001
From: Steven Fitzpatrick <steven.fitzpatrick@att.com>
Date: Wed, 11 Mar 2020 22:01:12 -0500
Subject: [PATCH] Elasticsearch Secret Vars

This change adds the HTK Secret Environment Variables function
to Elasticsearch. This may be required to store auth or certificate
details needed to establish remote clustering.

Change-Id: I3f1167f1c015101f768ad223024ce2490d355d83
---
 .../templates/deployment-client.yaml          |  3 +++
 .../templates/secret-environment.yaml         | 27 +++++++++++++++++++
 2 files changed, 30 insertions(+)
 create mode 100644 elasticsearch/templates/secret-environment.yaml

diff --git a/elasticsearch/templates/deployment-client.yaml b/elasticsearch/templates/deployment-client.yaml
index 628b3659d0..0d9f382e2e 100644
--- a/elasticsearch/templates/deployment-client.yaml
+++ b/elasticsearch/templates/deployment-client.yaml
@@ -164,6 +164,9 @@ spec:
                   key: S3_SECRET_KEY
 {{- if .Values.pod.env.client }}
 {{ include "helm-toolkit.utils.to_k8s_env_vars" .Values.pod.env.client | indent 12 }}
+{{- end }}
+{{- if .Values.pod.env.secrets }}
+{{ tuple $envAll .Values.pod.env.secrets | include "helm-toolkit.utils.to_k8s_env_secret_vars" | indent 12 }}
 {{- end }}
           volumeMounts:
             - name: pod-tmp
diff --git a/elasticsearch/templates/secret-environment.yaml b/elasticsearch/templates/secret-environment.yaml
new file mode 100644
index 0000000000..58fc1b41ee
--- /dev/null
+++ b/elasticsearch/templates/secret-environment.yaml
@@ -0,0 +1,27 @@
+{{/*
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if and .Values.manifests.secret_environment .Values.pod.env.secrets }}
+{{- $envAll := . }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ printf "%s-%s" $envAll.Release.Name "env-secret" | quote }}
+type: Opaque
+data:
+  {{- range $key, $value := .Values.pod.env.secrets }}
+  {{ $key | upper }}: {{ $value | b64enc }}
+  {{- end }}
+{{- end }}