From a0779fcaf98d8997014a87872bf3a119e5a84d1e Mon Sep 17 00:00:00 2001
From: stremovsky <stremovsky@gmail.com>
Date: Wed, 5 Jan 2022 13:20:40 +0200
Subject: [PATCH] make sure to use the same encryption keys

---
 charts/databunker/templates/secrets.yaml | 45 ++++++++++++++++++------
 1 file changed, 34 insertions(+), 11 deletions(-)

diff --git a/charts/databunker/templates/secrets.yaml b/charts/databunker/templates/secrets.yaml
index 5613430..2876ce5 100644
--- a/charts/databunker/templates/secrets.yaml
+++ b/charts/databunker/templates/secrets.yaml
@@ -8,19 +8,42 @@ metadata:
     {{- if .Values.commonLabels }}
     {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
     {{- end }}
-  {{- if .Values.commonAnnotations }}
-  annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
-  {{- end }}
+  annotations:
+    helm.sh/resource-policy: keep
+    {{- if .Values.commonAnnotations }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+    {{- end }}
 type: Opaque
 data:
-  {{- if .Values.databunkerMasterkey }}
-  databunker-masterkey: {{ default "" .Values.databunkerMasterkey | b64enc | quote }}
-  {{- else }}
-  databunker-masterkey: {{ substr 1 49 (printf "%x%x%x%x%x%x" (int64 (randNumeric 18)) (int64 (randNumeric 18)) (int64 (randNumeric 18)) (int64 (randNumeric 18)) (int64 (randNumeric 18)) (int64 (randNumeric 18)) ) | b64enc | quote }}
+  {{- $secret := (lookup "v1" "Secret" .Release.Namespace ( include "common.names.fullname" .) ) }}
+
+  {{- $databunkerMasterkey := "" }}
+  {{- if $secret }}
+    {{- if index $secret.data "databunker-masterkey" }}
+      {{- $databunkerMasterkey = index $secret.data "databunker-masterkey" }}
+    {{- end }}
   {{- end }}
-  {{- if .Values.databunkerRoottoken }}
-  databunker-roottoken: {{ default "" .Values.databunkerRoottoken | b64enc | quote }}
-  {{- else }}
-  databunker-roottoken: {{ uuidv4 | b64enc | quote }}
+  {{- if not $databunkerMasterkey }}
+    {{- if .Values.databunkerMasterkey }}
+      {{- $databunkerMasterkey = .Values.databunkerMasterkey | b64enc | quote }}
+    {{- else }}
+      {{- $databunkerMasterkey = substr 1 49 (printf "%x%x%x%x%x%x" (int64 (randNumeric 18)) (int64 (randNumeric 18)) (int64 (randNumeric 18)) (int64 (randNumeric 18)) (int64 (randNumeric 18)) (int64 (randNumeric 18)) ) | b64enc | quote }}
+    {{- end }}
   {{- end }}
+  databunker-masterkey: {{ $databunkerMasterkey }}
+
+  {{- $databunkerRoottoken := "" }}
+  {{- if $secret }}
+    {{- if index $secret.data "databunker-roottoken" }}
+      {{- $databunkerRoottoken = index $secret.data "databunker-roottoken" }}
+    {{- end }}
+  {{- end }}
+  {{- if not $databunkerRoottoken }}
+    {{- if .Values.databunkerRoottoken }}
+      {{- $databunkerRoottoken = .Values.databunkerRoottoken | b64enc | quote }}
+    {{- else }}
+      {{- $databunkerRoottoken = uuidv4 | b64enc | quote }}
+    {{- end }}
+  {{- end }}
+  databunker-roottoken: {{ $databunkerRoottoken }}
 {{- end }}