From eb29fba1d0db5d286aef8e707b9799fb505c8b72 Mon Sep 17 00:00:00 2001
From: Brett Delle Grazie <brett.dellegrazie@gmail.com>
Date: Thu, 5 Oct 2023 15:06:45 +0200
Subject: [PATCH] fix(aws-secrets): use AWS secrets only if enabled

Only set the AWS variables if the enabled flag is true for secrets
lookup

fixes: #348
Signed-off-by: Brett Delle Grazie <brett.dellegrazie@gmail.com>
---
 templates/web-deployment.yaml | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/templates/web-deployment.yaml b/templates/web-deployment.yaml
index 2ccec5a7..b7d130a0 100644
--- a/templates/web-deployment.yaml
+++ b/templates/web-deployment.yaml
@@ -235,14 +235,6 @@ spec:
             - name: CONCOURSE_SECRET_CACHE_PURGE_INTERVAL
               value: {{ .Values.concourse.web.secretCachePurgeInterval | quote }}
             {{- end }}
-            {{- if .Values.concourse.web.awsSecretsManager.region }}
-            - name: CONCOURSE_AWS_SECRETSMANAGER_REGION
-              value: {{ .Values.concourse.web.awsSecretsManager.region | quote }}
-            {{- end }}
-            {{- if .Values.concourse.web.awsSsm.region }}
-            - name: CONCOURSE_AWS_SSM_REGION
-              value: {{ .Values.concourse.web.awsSsm.region | quote }}
-            {{- end }}
             {{- if .Values.concourse.web.tracing.serviceName }}
             - name: CONCOURSE_TRACING_SERVICE_NAME
               value: {{ .Values.concourse.web.tracing.serviceName | quote }}
@@ -536,6 +528,10 @@ spec:
             - name: CONCOURSE_AWS_SECRETSMANAGER_PIPELINE_SECRET_TEMPLATE
               value: {{ .Values.concourse.web.awsSecretsManager.pipelineSecretTemplate | quote }}
             {{- end }}
+            {{- if .Values.concourse.web.awsSecretsManager.region }}
+            - name: CONCOURSE_AWS_SECRETSMANAGER_REGION
+              value: {{ .Values.concourse.web.awsSecretsManager.region | quote }}
+            {{- end }}
             {{- if .Values.concourse.web.awsSecretsManager.teamSecretTemplate }}
             - name: CONCOURSE_AWS_SECRETSMANAGER_TEAM_SECRET_TEMPLATE
               value: {{ .Values.concourse.web.awsSecretsManager.teamSecretTemplate | quote }}
@@ -569,6 +565,10 @@ spec:
             - name: CONCOURSE_AWS_SSM_PIPELINE_SECRET_TEMPLATE
               value: {{ .Values.concourse.web.awsSsm.pipelineSecretTemplate | quote }}
             {{- end }}
+            {{- if .Values.concourse.web.awsSsm.region }}
+            - name: CONCOURSE_AWS_SSM_REGION
+              value: {{ .Values.concourse.web.awsSsm.region | quote }}
+            {{- end }}
             {{- if .Values.concourse.web.awsSsm.teamSecretTemplate }}
             - name: CONCOURSE_AWS_SSM_TEAM_SECRET_TEMPLATE
               value: {{ .Values.concourse.web.awsSsm.teamSecretTemplate | quote }}