feat(chart): support mounting existing secrets as files (#213)

* Support mounting existing secrets as files

Author: Pluies

charts/kubernetes-external-secrets/templates/deployment.yaml

@@ -48,6 +48,14 @@ spec:
                 name: {{ $value.secretKeyRef | quote }}
                 key: {{ $value.key | quote }}
           {{- end }}
+          {{- with .Values.filesFromSecret }}
+          volumeMounts:
+          {{- range $key, $value := . }}
+          - name: {{ $key }}
+            mountPath: {{ $value.mountPath }}
+            readOnly: true
+          {{- end }}
+          {{- end }}
       {{- with .Values.securityContext }}
       securityContext:
         {{- toYaml . | nindent 8 }}
@@ -64,3 +72,11 @@ spec:
       tolerations:
         {{- toYaml . | nindent 8 }}
       {{- end }}
+      {{- with .Values.filesFromSecret }}
+      volumes:
+      {{- range $key, $value := . }}
+      - name: {{ $key }}
+        secret:
+          secretName: {{ $value.secret }}
+      {{- end }}
+      {{- end }}

charts/kubernetes-external-secrets/values.yaml

@@ -10,7 +10,7 @@ env:
   METRICS_PORT: 3001
   VAULT_ADDR: http://127.0.0.1:8200
 
-# Create environment variables from exists k8s secrets
+# Create environment variables from existing k8s secrets
 # envVarsFromSecret:
 #  AWS_ACCESS_KEY_ID:
 #    secretKeyRef: aws-credentials
@@ -19,6 +19,12 @@ env:
 #    secretKeyRef: aws-credentials
 #    key: key
 
+# Create files from existing k8s secrets
+# filesFromSecret:
+#   examplefile:
+#     secret: secretname
+#     mountPath: /a/mount/point/
+
 rbac:
   # Specifies whether RBAC resources should be created
   create: true