example-external-secret.yaml

# Example external secret for production use with existingSecret
# This shows the format expected when using .Values.solaceCache.broker.existingSecret
#
# To create this secret:
# kubectl create -f example-external-secret.yaml -n <namespace>
#
# Or create it imperatively:
# kubectl create secret generic solace-cache-credentials \
#   --from-literal=username-0='prod-cache-user-1' \
#   --from-literal=password-0='<secure-password-1>' \
#   --from-literal=username-1='prod-cache-user-2' \
#   --from-literal=password-1='<secure-password-2>' \
#   -n <namespace>

apiVersion: v1
kind: Secret
metadata:
  name: solace-cache-credentials
  namespace: default  # Change to your namespace
  labels:
    app: solace-cache
type: Opaque
stringData:
  # Default: Same credentials for all instances
  # Credentials for pod ordinal 0 (first cache instance)
  username-0: "prod-cache-user"
  password-0: "YourSecurePassword"
  
  # Credentials for pod ordinal 1 (second cache instance)
  # Uses same credentials by default - customize if per-instance credentials needed
  username-1: "prod-cache-user"
  password-1: "YourSecurePassword"

# Note: Using stringData means Kubernetes will automatically base64 encode these values
# If you prefer to encode manually, use 'data:' instead of 'stringData:' with base64-encoded values
#
# Example with data (base64 encoded):
# data:
#   username-0: cHJvZC1jYWNoZS11c2VyLTE=  # base64 of "prod-cache-user-1"
#   password-0: WW91clNlY3VyZVBhc3N3b3JkMQ==  # base64 of "YourSecurePassword1"
#   username-1: cHJvZC1jYWNoZS11c2VyLTI=  # base64 of "prod-cache-user-2"
#   password-1: WW91clNlY3VyZVBhc3N3b3JkMg==  # base64 of "YourSecurePassword2"

# For more than 2 replicas, add username-2, password-2, username-3, password-3, etc.
# The key names must follow the pattern: username-N and password-N where N is the pod ordinal (0, 1, 2, ...)