{{- if .Values.manager.enabled -}}
{{- if or (eq "true" (toString .Values.autoGenerateCert)) (and .Values.manager.certificate.key .Values.manager.certificate.certificate) }}
{{- $cert := (dict) }}
{{- if and .Values.manager.certificate.key .Values.manager.certificate.certificate }}
{{- $cert = (dict "Key" .Values.manager.certificate.key "Cert" .Values.manager.certificate.certificate ) }}
{{- else }}
{{- $cn := "neuvector" }}
{{- $cert = genSelfSignedCert $cn nil (list $cn) (.Values.defaultValidityPeriod | int) -}}
{{- end }}
apiVersion: v1
kind: Secret
metadata:
  name: neuvector-manager-secret
  namespace: {{ .Release.Namespace }}
  labels:
    chart: {{ template "neuvector.chart" . }}
    release: {{ .Release.Name }}
type: Opaque
data:
  ssl-cert.key: {{ include "neuvector.secrets.lookup" (dict "namespace" .Release.Namespace "secret" "neuvector-manager-secret" "key" "ssl-cert.key" "defaultValue" $cert.Key) }}
  ssl-cert.pem: {{ include "neuvector.secrets.lookup" (dict "namespace" .Release.Namespace "secret" "neuvector-manager-secret" "key" "ssl-cert.pem" "defaultValue" $cert.Cert) }}
---
{{- end }}
{{- end }}