Allow passing existing secret in helm chart values #809
Conversation
|
|
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
|
Hello, |
|
Hello @VincentDugard |
|
Sorry about that @Julian-Louis. We need to check if it's the "correct" (standard) way according to current Helm best practices and haven't had the time to do it so far. |
|
@Julian-Louis do you have any example of an "official" (or Bitnami) chart, or a link pointing to the relevant documentation entry? It looks weird to me to allow to entirely bypass the values system. |
|
@dunglas There are multiple bitnami charts that use this system. For exemple in the postgresql chart , you can provide an existing secrets for postgres credentials. There is also the possibility to override key name in the secret. edit : In this PR the existing secret override all secrets. It may be better to be able to provide an existing secret only for jwt |
|
Indeed, to me, it makes more sense to allow this for the JWTs! |
|
Why not to just allow to add an extra secret to the env? So the deployment needs only a new env:
# keep env as is
# ...
# allow to overwrite config
envFrom:
- secretRef:
name: the-user-secret-with-the-keys-he-wants-to-overwrite |
|
Hi @dunglas, We also want to keep the same JWT key between deployments with ArgoCD using our external-secret system. This would allow us to use an existing secret in our cluster, which is a must-have feature. |
|
Thanks! |
|
Hi @dunglas , Could you prepare a new release on the helm chart to adapt this change? |
Hello 👋
This pull request will allow passing an existing secret name into the helm chart values.
This is useful when using the GitOps approach, where values need to be committed to a git repository.
Related issues: