Chart stores secrets in ConfigMap rather than Secret #20
Labels
enhancement
New feature or request
Comments
|
+1, would love such implementation. |
|
Apologies for the delay on this. This sounds like a great feature request, but since so much time has passed since August of 2020, I do want to investigate other options before implementing this. I will get back to you. |
|
I've implemented that via Sealed Secrets which is added via |
|
Sealed Secrets is one very specific and opinionated approach. The request here is first of all to ensure secret content is stored in the appropriate K8s resource (Secret rather than ConfigMap), and then to provide a mechanism to receive secrets as direct helm chart values and leave it up to the user to manage the input, such as, in my case, using a secrets plugin for Helm. |
|
+1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Values such as
DRONE_DATABASE_SECRET,DRONE_RPC_SECRET,DRONE_GITEA_CLIENT_SECRET(and similar such secrets from other providers) are stored in a ConfigMap rather than a K8s Secret.I understand I can use
extraSecretNamesForEnvFromand pass my own pre-created secret, but of course the value proposition of the Helm chart is that it creates K8s resources for me. I use the Helm Secrets plugin that allows security passing secret values into Helm charts, and I'd prefer to use this mechanism for Drone secrets as well, rather than manually create a secret outside the chart.Perhaps a separate
envSecretsin the Helm chart, to facilitate this? Something like:Or, maybe the chart could be clever enough to automagically place everything matching
*_SECRETinto a k8s secret.Happy to submit a PR if you'd accept it.
The text was updated successfully, but these errors were encountered: