updaes usage of provisionedSecretPrefix to ensure when it's blank in the values it does not leave a leading hyphen in the command that kubectl interprets as a flag

rbrady · rbrady · commit ccdaf7536722 · 2025-05-09T15:30:13.000-04:00
Signed-off-by: Ryan Brady &lt;ryan.brady@grafana.com&gt;
diff --git a/production/helm/loki/templates/provisioner/job-provisioner.yaml b/production/helm/loki/templates/provisioner/job-provisioner.yaml
@@ -98,9 +98,10 @@ spec:
               # Note: the following bash commands should always return a success status code. 
               # Therefore, in case the token file does not exist, the first clause of the 
               # or-operation is successful.
+              {{- $prefix := tpl $.Values.enterprise.provisioner.provisionedSecretPrefix $ -}}
               {{- range .Values.enterprise.provisioner.additionalTenants }}
               ! test -s /bootstrap/token-write-{{ .name }} || \
-                kubectl --namespace "{{ .secretNamespace }}" create secret generic "{{ tpl $.Values.enterprise.provisioner.provisionedSecretPrefix $ }}-{{ .name }}" \
+                kubectl --namespace "{{ .secretNamespace }}" create secret generic "{{- if $prefix }}{{ $prefix }}-{{ end }}{{ .name }}" \
                   --from-literal=token-write="$(cat /bootstrap/token-write-{{ .name }})" \
                   --from-literal=token-read="$(cat /bootstrap/token-read-{{ .name }})"
               {{- end }}
