Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add ability to use secrets #1

Closed
katherine-boost opened this issue May 19, 2020 · 7 comments
Closed

Add ability to use secrets #1

katherine-boost opened this issue May 19, 2020 · 7 comments

Comments

@katherine-boost
Copy link

katherine-boost commented May 19, 2020
edited
Loading

Hi there, thanks so much for providing this Helm chart!

I have a feature request: it would be awesome if there was some way to pass SealedSecrets to the Vouch helm chart, so that I can take mine out of plain text. Specifically,

e.g. how the MongoDB Replica Set Helm Chart implements auth.existingKeySecret, auth.existingMetricsSecret, and auth.existingAdminSecret.

I could maybe take a stab at a PR in a couple of weeks, if you're open to that.

Cheers!
@halkeye
Copy link
Member

halkeye commented May 19, 2020

Always open to PRs. I'll see what I can do though. Existing is probably doable

@bnfinet
Copy link
Member

bnfinet commented May 19, 2020 via email

@halkeye
Copy link
Member

halkeye commented May 20, 2020

I use helm secrets (sops) myself, so not a high priority for me, but it shouldn't be that hard to make all of https://github.com/halkeye-helm-charts/vouch/blob/master/templates/configmap.yaml a secret (i've learned a lot since this chart was made), and then if existingSecretName is set, just let you use existingSecretName instead of the chart populating it.

Just that new terraria dropped and I'm easily distracted :)

@bnfinet
Copy link
Member

bnfinet commented May 21, 2020

FYI - @bgehman offered this writeup including some details of his helm chart implementation using Secret instead of ConfigMap
vouch/vouch-proxy#263 (comment)

@bgehman
Copy link

bgehman commented May 21, 2020

@halkeye I don't have much experience with SealedSecrets (what OP is asking for), but I can submit a PR for moving the existing ConfigMap to Secret (very minor changes needed).

@halkeye
Copy link
Member

halkeye commented May 21, 2020

Yea i'm not going to support sealedsecrets directly, cause its a custom resource descriptor that will break on some installs, but migrate from configmap => secret (👍 ) and supporting existingSecretName (👍) should handle the requested case

@halkeye
Copy link
Member

halkeye commented May 24, 2020

This should be fixed via 92aeca9

I added existingSecretName if you want to completely override the secret the chart generates

@halkeye halkeye closed this as completed May 24, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@halkeye @bnfinet @bgehman @katherine-boost