Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make sure secretRef take precedence over provider for OCI repositories #874

Closed
souleb opened this issue Aug 26, 2022 · 0 comments · Fixed by #884
Closed

Make sure secretRef take precedence over provider for OCI repositories #874

souleb opened this issue Aug 26, 2022 · 0 comments · Fixed by #884
Assignees
@souleb
Labels
area/oci OCI related issues and pull requests bug Something isn't working
Milestone
Helm GA

Comments

@souleb
Copy link
Member

souleb commented Aug 26, 2022

The RFC-002, https://github.com/fluxcd/flux2/blob/80669d71ef679b2a3018a958e1ac1a30c8a628f5/rfcs/0002-helm-oci/README.md?plain=1#L92-L93 states the following:

If both spec.secretRef and a non-generic provider are present in the definition, the controller will use the static credentials from the referenced secret.

OCIRepository and Helm Controllers have a different behavior when both spec.provider and spec.secretRef are set. If spec.provider is set with a non-generic value and the credential are successfully retrieved, it overrides the secretRef.

This issue is about addressing this to comply with the rfc.
@souleb souleb added bug Something isn't working area/oci OCI related issues and pull requests labels Aug 26, 2022
@souleb souleb self-assigned this Aug 26, 2022
@pjbgf pjbgf added this to the GA milestone Aug 26, 2022
@souleb souleb mentioned this issue Sep 1, 2022
Merged
@stefanprodan stefanprodan moved this to Since Last Dev Meeting in Maintainers' Focus Sep 9, 2022
@kingdonb kingdonb moved this from Since Last Dev Meeting to Done in Maintainers' Focus Sep 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@souleb souleb

Labels
area/oci OCI related issues and pull requests bug Something isn't working
Projects
Maintainers' Focus
Status: Done
Milestone
Helm GA
Development

Successfully merging a pull request may close this issue.

[OCI] Static credentials should take precedence over the OIDC provider souleb/source-controller
2 participants
@pjbgf @souleb