Closed villesau closed 2 years ago
I just ran into the same issue, and I came up with a different workaround. I noticed you mentioned not being able to use values
in the other issue, but with the sensitive function you actually can:
values = [
yamlencode({
connect = {
credentials = sensitive(replace(file("path/to/credentials.json"), "\n", ""))
}
})
]
I was able to get this working via @Gibstick's workaround, but it would be very beneficial to avoid the extra layers when putting this into Terraform and instead just pass the file reference (or ideally leverage an ENV variable containing the contents of the file as part of CI).
Hi all,
Thank you all for chipping in on this issue and bringing up the workaround! 🙌
What if we added an option to set the credential base64-encoded? So:
set_sensitive {
name = "connect.credentials_base64"
type = "string"
value = " ${filebase64("${path.root}/path/to/1password-credentials.json"))}"
}
That should be really easy to add.
@jpcoenen that sounds promising. I would add that when deploying the operator alongside, I'd like the operator.token.value
to be b64 capable as well to again provide that via an environment var.
I'd like the operator.token.value to be b64 capable as well
That sounds like a great addition :+1:
Actually, given that the token can already be provided as a value instead of a file reference, that may not be strictly necessary? Doesn't hurt to make it consistent though.
Yep base64 is not a bad idea :+1: As long as the rationale behind credentials_base64
is well documented :)
Your environment
Chart Version: 1.4.0
Helm Version: 3.x
Kubernetes Version: latest
What happened?
Terraform supports applying helm charts: https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release However, when setting
connect.credentials
like:the apply fails to
Error: failed parsing key "connect.credentials" with value ...
This is due to this bug: https://github.com/hashicorp/terraform-provider-helm/issues/618 that is apparently also reproduceable in the actual helm: https://github.com/hashicorp/terraform-provider-helm/issues/618#issuecomment-729978207
What did you expect to happen?
Above should not fail. Could the chart e.g take only the file path and manage the JSON internally instead? Or would there be another possible workaround?
Steps to reproduce
E: found a workaround: