{{- if .Values.joinTokenSecret.create }}
apiVersion: v1
kind: Secret
metadata:
  name: {{ coalesce .Values.secretName .Values.joinTokenSecret.name }}
  namespace: {{ .Release.Namespace }}
{{- if .Values.extraLabels.secret }}
  labels:
  {{- toYaml .Values.extraLabels.secret | nindent 4 }}
{{- end }}
{{- if .Values.annotations.secret }}
  annotations:
  {{- toYaml .Values.annotations.secret | nindent 4 }}
{{- end }}
type: Opaque
stringData:
  auth-token: |
    {{ coalesce .Values.joinParams.tokenName .Values.authToken }}
{{- end}}

{{- if and (contains "jamf" (.Values.roles | toString)) .Values.jamfCredentialsSecret.create }}
---
apiVersion: v1
kind: Secret
metadata:
  name: {{ .Values.jamfCredentialsSecret.name }}
  namespace: {{ .Release.Namespace }}
  {{- if .Values.extraLabels.secret }}
  labels:
  {{- toYaml .Values.extraLabels.secret | nindent 4 }}
  {{- end }}
  {{- if .Values.annotations.secret }}
  annotations:
  {{- toYaml .Values.annotations.secret | nindent 4 }}
  {{- end }}
type: Opaque
stringData:
  credential: {{ required "jamfClientSecret is required in chart values when jamf role is enabled, see README" .Values.jamfClientSecret }}
{{- end}}