feat(SecretManagement): migrate secrets to AWS SM

Author: sofiasimdianova

README.md

@@ -4,15 +4,15 @@
 
 | Readme | Chart Version | App Version | Description | Hub |
 |--------|---------------|-------------|-------------|-----|
-| [Agent](./charts/agent/README.md) | 2.4.1 | v2.2.0 | Formance Membership Agent Helm Chart | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/agent)](https://artifacthub.io/packages/search?repo=agent) |
+| [Agent](./charts/agent/README.md) | 2.5.0 | v2.2.0 | Formance Membership Agent Helm Chart | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/agent)](https://artifacthub.io/packages/search?repo=agent) |
 | [Cloudprem](./charts/cloudprem/README.md) | 3.0.0-rc.10 | v1.1.0 | Formance control-plane | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/cloudprem)](https://artifacthub.io/packages/search?repo=cloudprem) |
 | [Console](./charts/console/README.md) | 2.0.1 | console-on.v1.0.2 | Formance Console | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/console)](https://artifacthub.io/packages/search?repo=console) |
 | [Console-V3](./charts/console-v3/README.md) | 2.0.3 | 5e7b404a3a208b1f38603719e02a8b1883c10acf | Formance Console | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/console-v3)](https://artifacthub.io/packages/search?repo=console-v3) |
 | [Core](./charts/core/README.md) | 1.1.1 | latest | Formance Core Library | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/core)](https://artifacthub.io/packages/search?repo=core) |
 | [Demo](./charts/demo/README.md) | 2.1.0 | latest | Formance Private Regions Demo | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/demo)](https://artifacthub.io/packages/search?repo=demo) |
 | [Membership](./charts/membership/README.md) | 2.2.1 | v1.1.0 | Formance Membership API. Manage stacks, organizations, regions, invitations, users, roles, and permissions. | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/membership)](https://artifacthub.io/packages/search?repo=membership) |
 | [Portal](./charts/portal/README.md) | 2.0.5 | 5e7b404a3a208b1f38603719e02a8b1883c10acf | Formance Portal | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/portal)](https://artifacthub.io/packages/search?repo=portal) |
-| [Regions](./charts/regions/README.md) | 2.8.4 | latest | Formance Private Regions Helm Chart | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/regions)](https://artifacthub.io/packages/search?repo=regions) |
+| [Regions](./charts/regions/README.md) | 2.9.4 | latest | Formance Private Regions Helm Chart | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/regions)](https://artifacthub.io/packages/search?repo=regions) |
 | [Stargate](./charts/stargate/README.md) | 0.6.1 | latest | Formance Stargate gRPC Gateway | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/stargate)](https://artifacthub.io/packages/search?repo=stargate) |
 
 ## How to contribute

charts/agent/Chart.yaml

@@ -10,7 +10,7 @@ maintainers:
 icon: "https://avatars.githubusercontent.com/u/84325077?s=200&v=4"
 
 type: application
-version: 2.4.1
+version: 2.5.0
 
 appVersion: "v2.2.0"
 

charts/agent/README.md

@@ -1,6 +1,6 @@
 # agent
 
-![Version: 2.4.1](https://img.shields.io/badge/Version-2.4.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.2.0](https://img.shields.io/badge/AppVersion-v2.2.0-informational?style=flat-square)
+![Version: 2.5.0](https://img.shields.io/badge/Version-2.5.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.2.0](https://img.shields.io/badge/AppVersion-v2.2.0-informational?style=flat-square)
 
 Formance Membership Agent Helm Chart
 
@@ -47,8 +47,10 @@ Formance Membership Agent Helm Chart
 | affinity | object | `{}` |  |
 | agent.authentication.clientID | string | `""` |  |
 | agent.authentication.clientSecret | string | `""` |  |
+| agent.authentication.existingSecret | string | `""` |  |
 | agent.authentication.issuer | string | `"https://app.formance.cloud/api"` |  |
 | agent.authentication.mode | string | `"bearer"` |  |
+| agent.authentication.secretKeys.secret | string | `""` |  |
 | agent.baseUrl | string | `""` |  |
 | agent.id | string | `"b7549a16-f74a-4815-ab1e-bb8ef1c3833b"` |  |
 | agent.outdated | bool | `false` | Any region: - this flag is sync by the server - it will mark the associated region as outdated and will block any new Creation/Enable/Restore |

charts/agent/templates/_helpers.tpl

@@ -26,7 +26,14 @@ app.kubernetes.io/instance: {{ .Release.Name }}
   value: "{{ .Values.agent.authentication.mode }}"
 {{- if eq .Values.agent.authentication.mode "token" }}
 - name: AUTHENTICATION_TOKEN
-  value: "{{ .Values.agent.authentication.token }}"
+  {{- if gt (len .Values.agent.authentication.existingSecretToken) 0 }}
+  valueFrom:
+    secretKeyRef:
+      name: {{ .Values.agent.authentication.existingSecret }}
+      key: {{ .Values.agent.authentication.secretKeys.secret | default "token"  }}
+  {{- else }}
+  value: {{ .Values.agent.authentication.token }}
+  {{- end }}
 {{- end }}
 {{- if eq .Values.agent.authentication.mode "bearer" }}
 - name: AUTHENTICATION_ISSUER

charts/agent/values.schema.json

@@ -15,11 +15,22 @@
                         "clientSecret": {
                             "type": "string"
                         },
+                        "existingSecret": {
+                            "type": "string"
+                        },
                         "issuer": {
                             "type": "string"
                         },
                         "mode": {
                             "type": "string"
+                        },
+                        "secretKeys": {
+                            "properties": {
+                                "secret": {
+                                    "type": "string"
+                                }
+                            },
+                            "type": "object"
                         }
                     },
                     "type": "object"

charts/agent/values.yaml

@@ -109,6 +109,10 @@ agent:
     issuer: https://app.formance.cloud/api
     clientID: ""
     clientSecret: ""
+    existingSecret: ""
+    secretKeys:
+      secret: ""
+
 
     # -- Public Region
     # mode: token

charts/regions/Chart.lock

@@ -1,9 +1,10 @@
 dependencies:
 - name: agent
   repository: file://../agent
-  version: 2.4.1
+  version: 2.5.0
+  version: 2.5.0
 - name: operator
   repository: oci://ghcr.io/formancehq/helm
   version: v2.6.0
-digest: sha256:72eccae222d27466817cb2dedb8cacbce157ae43255d79fc194ad4fe99133830
-generated: "2025-02-05T11:19:12.47191+01:00"
+digest: sha256:22d544a8bd745a33a0b3867bdb1422416b17d9a1ecf761b76a83c6b969400f57
+generated: "2025-02-06T14:42:03.279397119Z"

charts/regions/Chart.yaml

@@ -11,12 +11,12 @@ maintainers:
 icon: "https://avatars.githubusercontent.com/u/84325077?s=200&v=4"
 
 type: application
-version: 2.8.4
+version: 2.9.4
 appVersion: "latest"
 
 dependencies:
 - name: agent
-  version: 2.X
+  version: 2.5.0
   repository: "file://../agent"
   condition: agent.enabled
 - name: operator

charts/regions/README.md

@@ -1,6 +1,6 @@
 # regions
 
-![Version: 2.8.4](https://img.shields.io/badge/Version-2.8.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: latest](https://img.shields.io/badge/AppVersion-latest-informational?style=flat-square)
+![Version: 2.9.4](https://img.shields.io/badge/Version-2.9.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: latest](https://img.shields.io/badge/AppVersion-latest-informational?style=flat-square)
 
 Formance Private Regions Helm Chart
 
@@ -21,7 +21,7 @@ Formance Private Regions Helm Chart
 
 | Repository | Name | Version |
 |------------|------|---------|
-| file://../agent | agent | 2.X |
+| file://../agent | agent | 2.5.0 |
 | oci://ghcr.io/formancehq/helm | operator | v2.6.0 |
 
 ## Values
@@ -121,8 +121,10 @@ Formance Private Regions Helm Chart
 | agent.affinity | object | `{}` |  |
 | agent.agent.authentication.clientID | string | `""` |  |
 | agent.agent.authentication.clientSecret | string | `""` |  |
+| agent.agent.authentication.existingSecret | string | `""` |  |
 | agent.agent.authentication.issuer | string | `"https://app.formance.cloud/api"` |  |
 | agent.agent.authentication.mode | string | `"bearer"` |  |
+| agent.agent.authentication.secretKeys.secret | string | `""` |  |
 | agent.agent.baseUrl | string | `""` |  |
 | agent.agent.id | string | `"b7549a16-f74a-4815-ab1e-bb8ef1c3833b"` |  |
 | agent.agent.outdated | bool | `false` | Any region: - this flag is sync by the server - it will mark the associated region as outdated and will block any new Creation/Enable/Restore |