Basic example chart

.github/workflows/release-helm.yml

@@ -0,0 +1,31 @@
+name: Release Helm Chart
+
+on:
+  release:
+    types: [created]
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Configure Git
+        run: |
+          git config user.name "$GITHUB_ACTOR"
+          git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
+
+      - name: Install Helm
+        uses: azure/setup-helm@v1
+        with:
+          version: v3.4.0
+
+      - name: Run chart-releaser
+        uses: helm/chart-releaser-action@v1.1.0
+        with:
+          charts_dir: charts
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"

README.md

@@ -1,13 +1,17 @@
 # argocd-vault-replacer
 An [Argo CD](https://argoproj.github.io/argo-cd/) plugin to replace placeholders in Kubernetes manifests with secrets stored in [Hashicorp Vault](https://www.vaultproject.io/). The binary will scan the current directory recursively for any .yaml (or .yml if you're so inclined) files and attempt to replaces strings of the form `<vault:/store/data/path~key>` with those obtained from a Vault kv2 store.
 
-If you use it as the reader in a unix pipe, it will instead read from stdin. In this scenario it can post-process the output of another tool, such as kustomize.
+If you use it as the reader in a unix pipe, it will instead read from stdin. In this scenario it can post-process the output of another tool, such as Kustomize or Helm.
 
 <img src="assets/images/argocd-vault-replacer-diagram.png">
 
 ## Why?
 - Allows you to invest in Git Ops without compromising secret security.
+  - Configuration goes into Git.
+  - Secrets go into Vault.
 - Changes to secrets in Vault will automatically propagate to your cluster.
+- yaml-agnostic. Supports any Kubernetes resource type as long as it can be expressed in .yaml (or .yml).
+- Native Vault-Kubernetes authentication means you don't have to renew tokens or store/passthrough approle role-ids and secret-ids.
 
 # Installing as an Argo CD Plugin
 You can use [our Kustomization example](https://github.com/Joibel/argocd-vault-replacer/tree/main/examples/kustomize/argocd) to install Argo CD and to bootstrap the installation of the plugin at the same time. However the steps below will detail what is required should you wish to do things more manually. The Vault authentication setup cannot be done with Kustomize and must be done manually.

charts/argocd-vault-replacer-example-chart/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+name: argocd-vault-replacer-example
+description: A Helm chart to demonstrate how argocd-vault-replacer can work with Helm
+type: application
+version: 0.0.1
+appVersion: 0.0.1

charts/argocd-vault-replacer-example-chart/templates/configmap.yaml

@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: argocd-vault-replacer-example-configmap
+data:
+  sample-secret: {{ .Values.configMap }}

charts/argocd-vault-replacer-example-chart/templates/secret.yaml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: argocd-vault-replacer-example-secret
+data:
+  sample-secret: {{ .Values.secret }}
+type: Opaque