{{- if .Values.secret.enabled -}}
apiVersion: v1
kind: Secret
metadata:
  name: {{ include "hydra.secretname" . }}
  {{- if .Release.Namespace }}
  namespace: {{ .Release.Namespace }}
  {{- end }}
  labels:
    {{- include "hydra.labels" . | nindent 4 }}
  annotations:
    {{- with .Values.secret.secretAnnotations }}
      {{- toYaml . | nindent 4 }}
    {{- end }}
type: Opaque
data:
  # Generate a random secret if the user doesn't give one. User given password has priority
  secretsSystem: {{ ( include "hydra.secrets.system" . | default ( randAlphaNum 32 )) | required "Value secrets.system can not be empty!" | b64enc | quote }}
  secretsCookie: {{ ( include "hydra.secrets.cookie" . | default ( randAlphaNum 32 )) | required "Value secrets.cookie can not be empty!" | b64enc | quote }}
  dsn: {{ include "hydra.dsn" . | b64enc | quote }}
{{- end -}}