feat(helm): Add secret annotations (#11860)

* feat(helm): Add secret annotations

Allow adding annotations to secret resources.

* Update helm/defectdojo/Chart.yaml

Co-authored-by: kiblik <[email protected]>

* Update helm/defectdojo/values.yaml

Co-authored-by: kiblik <[email protected]>

* Update helm/defectdojo/templates/extra-secret.yaml

Co-authored-by: kiblik <[email protected]>

* Update helm/defectdojo/templates/secret-postgresql-ha-pgpool.yaml

Co-authored-by: kiblik <[email protected]>

* Update helm/defectdojo/templates/secret-postgresql.yaml

Co-authored-by: kiblik <[email protected]>

* Update helm/defectdojo/templates/secret-redis.yaml

Co-authored-by: kiblik <[email protected]>

* Update helm/defectdojo/templates/secret-postgresql-ha.yaml

Co-authored-by: kiblik <[email protected]>

* Update helm/defectdojo/templates/secret.yaml

Co-authored-by: kiblik <[email protected]>

---------

Co-authored-by: Alexander Chebotov <[email protected]>
Co-authored-by: kiblik <[email protected]>

helm/defectdojo/templates/extra-secret.yaml

@@ -12,6 +12,15 @@ metadata:
     {{- with .Values.extraLabels }}
       {{- toYaml . | nindent 4 }}
     {{- end }}
+  {{- if or .Values.secrets.annotations .Values.annotations }}
+  annotations:
+    {{- with .Values.secrets.annotations }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+    {{- with .Values.annotations }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- end }}
 type: Opaque
 data:
 {{- range $key, $value  := .Values.extraSecrets }}

helm/defectdojo/templates/secret-postgresql-ha-pgpool.yaml

@@ -15,6 +15,12 @@ metadata:
     helm.sh/resource-policy: keep
     helm.sh/hook: "pre-install"
     helm.sh/hook-delete-policy: "before-hook-creation"
+    {{- with .Values.secrets.annotations }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+    {{- with .Values.annotations }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
 type: Opaque
 data:
 {{- if .Values.postgresqlha.pgpool.adminPassword }}

helm/defectdojo/templates/secret-postgresql-ha.yaml

@@ -15,6 +15,12 @@ metadata:
     helm.sh/resource-policy: keep
     helm.sh/hook: "pre-install"
     helm.sh/hook-delete-policy: "before-hook-creation"
+    {{- with .Values.secrets.annotations }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+    {{- with .Values.annotations }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
 type: Opaque
 data:
 {{- if .Values.postgresqlha.postgresql.password }}

helm/defectdojo/templates/secret-postgresql.yaml

@@ -15,6 +15,12 @@ metadata:
     helm.sh/resource-policy: keep
     helm.sh/hook: "pre-install"
     helm.sh/hook-delete-policy: "before-hook-creation"
+    {{- with .Values.secrets.annotations }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+    {{- with .Values.annotations }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
 type: Opaque
 data:
 {{- if .Values.postgresql.auth.password }}

helm/defectdojo/templates/secret-redis.yaml

@@ -15,6 +15,12 @@ metadata:
     helm.sh/resource-policy: keep
     helm.sh/hook: "pre-install"
     helm.sh/hook-delete-policy: "before-hook-creation"
+    {{- with .Values.secrets.annotations }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+    {{- with .Values.annotations }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
 type: Opaque
 data:
 {{- if .Values.redis.auth.password }}

helm/defectdojo/templates/secret.yaml

@@ -16,6 +16,12 @@ metadata:
     helm.sh/resource-policy: keep
     helm.sh/hook: "pre-install"
     helm.sh/hook-delete-policy: "before-hook-creation"
+    {{- with .Values.secrets.annotations }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+    {{- with .Values.annotations }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
 type: Opaque
 data:
 {{- if .Values.admin.password }}

helm/defectdojo/values.yaml

@@ -131,6 +131,10 @@ monitoring:
 
 annotations: {}
 
+secrets:
+  # Add annotations for secret resources
+  annotations: {}
+
 # Components
 celery:
   broker: redis