InseeFrLab / onyxia

🔬 Data science environment for k8s
https://onyxia.sh
MIT License

Vault prefix to have a Vault directory with the same name as the Kubernetes namespace and then allow Kubernetes integration #783

Closed alexisdondon closed 3 months ago

alexisdondon commented 3 months ago

Onyxia lets you add a prefix to namespaces: https://github.com/InseeFrLab/onyxia-api/blob/main/docs/region-configuration.md#services-properties

namespacePrefix, groupNamespacePrefix

So when singleNamespace is not true (one namespace per user/project).

It could be interesting for the Vault directory constructed by the UI to take the same prefix.

I don't know whether it should rely on namespacePrefix and groupNamespacePrefix or on two new values.

olevitt commented 3 months ago

I added the prefix to the Vault configuration in the region in this PR: https://github.com/InseeFrLab/onyxia-api/pull/408
Please test the image tagged vault-prefix and see if it suits your needs.

phlg commented 3 months ago

I can't seem to make use of the prefix when configured (but this might be a me problem rather than an Onyxia problem 🙃 ).

After using the vault-prefix tag and adding the parameter in my region, I do see it coming back in the Onyxia UI :

image

But this itself is apparently not enough, as every request going to Vault uses a $username endpoint, instead of the ${prefix}${username} I expected (in the screenshot below, ozp6kz vs user-ozp6kz):

image

Am I misunderstanding the intent or scope of this feature ? Or am I missing something, maybe a parameter or something similar (or some additional changes to UI of Onyxia) ?

fcomte commented 3 months ago

Can you check the API response for the request on the /user/info endpoint?

phlg commented 3 months ago

Not sure if this is the relevant part, but the vaultTopDir comes back as being just $username and not ${prefix}${username} :

image

olevitt commented 3 months ago

Yup, I made a mistake in the PR, I just fixed it

phlg commented 3 months ago

The image built with your latest commit included works as intended: the vaultTopDir does include the prefix, and the UI shows the proper secrets (in my case: with a prefix for user projects, and without for group projects).

Thanks ! :)