From e1332aa042b3cccd69fb97c840c055d58de68e77 Mon Sep 17 00:00:00 2001
From: Riccardo Petraglia <riccardo.petraglia@swisscom.com>
Date: Sun, 28 Aug 2022 20:54:10 +0200
Subject: [PATCH] fix: credential secret does not works if set from values

Signed-off-by: Riccardo Petraglia <riccardo.petraglia@gmail.com>
---
 .../templates/connect-credentials.yaml        |  2 +-
 .../connect/templates/connect-deployment.yaml | 19 +++++++++++--------
 2 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/charts/connect/templates/connect-credentials.yaml b/charts/connect/templates/connect-credentials.yaml
index 1c5392c..c168b71 100644
--- a/charts/connect/templates/connect-credentials.yaml
+++ b/charts/connect/templates/connect-credentials.yaml
@@ -11,7 +11,7 @@ metadata:
     app.kubernetes.io/component: connect
     {{- include "onepassword-connect.labels" . | nindent 4 }}
 type: Opaque
-stringData:
+data:
   {{ .Values.connect.credentialsKey }}: |-
   {{- if (.Values.connect.credentials) }}
   {{ .Values.connect.credentials | b64enc | indent 2 }}
diff --git a/charts/connect/templates/connect-deployment.yaml b/charts/connect/templates/connect-deployment.yaml
index fab7d70..894bb12 100644
--- a/charts/connect/templates/connect-deployment.yaml
+++ b/charts/connect/templates/connect-deployment.yaml
@@ -41,6 +41,9 @@ spec:
         - name: credentials
           secret:
             secretName: {{ .Values.connect.credentialsName }}
+            items:
+              - key: {{ .Values.connect.credentialsKey }}
+                path: 1password-credentials.json
         {{- if .Values.connect.tls.enabled }}
         - name: tls-cert
           secret:
@@ -60,10 +63,7 @@ spec:
             {{- toYaml .Values.connect.api.resources | nindent 12 }}
           env:
             - name: OP_SESSION
-              valueFrom:
-                secretKeyRef:
-                  name: {{ .Values.connect.credentialsName }}
-                  key: {{ .Values.connect.credentialsKey }}
+              value: /home/opuser/.op/1password-credentials.json
             - name: OP_BUS_PORT
               value: "11220"
             - name: OP_BUS_PEERS
@@ -100,6 +100,9 @@ spec:
           volumeMounts:
             - mountPath: /home/opuser/.op/data
               name: {{ .Values.connect.dataVolume.name }}
+            - name: credentials
+              mountPath: /home/opuser/.op/1password-credentials.json
+              subPath: 1password-credentials.json
             {{- if .Values.connect.tls.enabled }}
             - name: tls-cert
               mountPath: /home/opuser/.op/certs
@@ -117,10 +120,7 @@ spec:
             - name: OP_HTTP_PORT
               value: "{{ .Values.connect.sync.httpPort }}"
             - name: OP_SESSION
-              valueFrom:
-                secretKeyRef:
-                  name: {{ .Values.connect.credentialsName }}
-                  key: {{ .Values.connect.credentialsKey }}
+              value: /home/opuser/.op/1password-credentials.json
             - name: OP_BUS_PORT
               value: "11221"
             - name: OP_BUS_PEERS
@@ -145,3 +145,6 @@ spec:
           volumeMounts:
             - mountPath: /home/opuser/.op/data
               name: {{ .Values.connect.dataVolume.name }}
+            - name: credentials
+              mountPath: /home/opuser/.op/1password-credentials.json
+              subPath: 1password-credentials.json