RSA keys from existing secret (#1014)

* feat(helm): add the ability to retrieve the Robusta RSA keys from an existing secret.

* doc(setup-robusta): add the part mentionning the ability to retrieve the Robusta RSA keys from an existing secret

docs/setup-robusta/configuration-secrets.rst

@@ -16,6 +16,7 @@ Robusta can pull values from Kubernetes secrets for:
 * Sink Configuration
 * Global Config
 * Action Parameters
+* Robusta RSA keys
 
 To do so, first define an environment variable based on a Kubernetes secret. Add to Robusta's Helm values:
 
@@ -40,3 +41,5 @@ Then reference that environment variable in other Helm values using the special
 
 Finally, make sure the Kubernetes secret actually exists. In this example, create a Secret named ``my-robusta-secrets``
 with a ``secret_grafana_key`` value inside.
+
+For Robusta RSA keys, you can define the ``existingSecret`` parameter. The secret must have the `pub` and `prv` keys.

helm/robusta/templates/auth-config.yaml

@@ -1,4 +1,4 @@
-{{- if .Values.rsa }}
+{{- if and .Values.rsa (not .Values.rsa.existingSecret) }}
 apiVersion: v1
 kind: Secret
 metadata:

helm/robusta/templates/runner.yaml

@@ -143,7 +143,7 @@ spec:
             optional: true
         - name: auth-config-secret
           secret:
-            secretName: robusta-auth-config-secret
+            secretName: {{ default "robusta-auth-config-secret" .Values.rsa.existingSecret }}
             optional: true
         {{- if .Values.playbooksPersistentVolume }}
         - name: persistent-playbooks-storage

helm/robusta/values.yaml

@@ -604,6 +604,9 @@ kube-prometheus-stack:
         cpu: 10m
 
 rsa: ~
+  # @param existingSecret Name of existing secret containing the rsa keys
+  # NOTE: Must contain the keys `pub` and `prv`
+  # existingSecret: my-robusta-rsa-keys
 
 # custom parameters for OpenShift clusters
 openshift: