apiVersion: v1
kind: Secret
metadata:
  name: {{ template "fullname" . }}
type: Opaque
data:
  {{- if (not .Values.env.apiserverCert) and (not .Values.env.apiserverKey) }}
  {{- $ca := genCA "virtual-kubelet-ca" 3650 }}
  {{- $cn := printf "%s-virtual-kubelet-apiserver" .Release.Name }}
  {{- $altName1 := printf "%s-virtual-kubelet-apiserver.%s" .Release.Name .Release.Namespace }}
  {{- $altName2 := printf "%s-virtual-kubelet-apiserver.%s.svc" .Release.Name .Release.Namespace }}
  {{- $cert := genSignedCert $cn nil (list $altName1 $altName2) 3650 $ca }}
  cert.pem: {{ b64enc $cert.Cert }}
  key.pem: {{ b64enc $cert.Key }}
  {{ else }}
  cert.pem: {{ quote .Values.env.apiserverCert }}
  key.pem: {{ quote .Values.env.apiserverKey }}
  {{ end}}
  clientSecret: {{ default "" .Values.env.azureClientKey | b64enc | quote }}
  {{ if .Values.loganalytics.enabled }}
  loganalytics.json: {{ printf "{\"workspaceID\": \"%s\",\"workspaceKey\": \"%s\"}" (required "workspaceID is required for loganalytics" .Values.loganalytics.workspaceID ) (required "workspaceKey is required for loganalytics" .Values.loganalytics.workspaceKey ) | b64enc | quote }}
  {{ end }}