Apply a template to ALL keys within a secret #286
Description
I want to be able to apply the same template function to ALL the keys in a secret.
Example:
I have an arbitrary secret, which may or may not have the incorrect case. This will be mounted as an environment variable as part of a helm chart, and we have a policy that all environment variables must be in caps.
I would like to be able to write something that applies arbitrarily to any and all secrets.
destination:
transformation:
????: {{ upper . }}
I appreciate that in my example it would be easier to simply change the secret name, or mount the individual secrets by name and use the sprig functions within helm, but I have a large estate of legacy secrets that have an already-set naming convention and plenty of little oddities that have accumulated over the years. We want to use VSO, but need to make a couple of "apply to all" transformations to have feature parity with the way we currently sync secrets.
There are various usecases for this, here are some off the top of my head.
- Un-base64ing secrets before they get re-base64'd by k8s to avoid double-decoding when doing manual cluster work
- Replacing characters, for example _ with -
- Adding quotes or other characters to secrets