From 699200f2231a485db8a813adebb9fed57bd7c0ad Mon Sep 17 00:00:00 2001
From: Emanuele Barsanti <github@barsanti.xyz>
Date: Thu, 4 Jan 2024 00:20:39 +0100
Subject: [PATCH] fix: avoid decoding plain text password when database secret
 exists

Signed-off-by: Emanuele Barsanti <github@barsanti.xyz>
---
 templates/_helpers.tpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl
index 8fce623db..b3430a1f3 100644
--- a/templates/_helpers.tpl
+++ b/templates/_helpers.tpl
@@ -98,7 +98,7 @@ app: "{{ template "harbor.name" . }}"
   {{- if eq .Values.database.type "internal" -}}
     {{- $existingSecret := lookup "v1" "Secret" .Release.Namespace (include "harbor.database" .) -}}
     {{- if and (not (empty $existingSecret)) (hasKey $existingSecret.data "POSTGRES_PASSWORD") -}}
-      {{- .Values.database.internal.password | default (index $existingSecret.data "POSTGRES_PASSWORD") | b64dec -}}
+      {{- .Values.database.internal.password | default (index $existingSecret.data "POSTGRES_PASSWORD" | b64dec) -}}
     {{- else -}}
       {{- .Values.database.internal.password -}}
     {{- end -}}