Open orendain opened 1 week ago
Hi!
Thank you so much for reporting! I will forward this to the team but as it is not a critical feature we cannot guarantee an ETA. If you want to speed up the process, you can submit a PR and the team will check it.
Name and Version
bitnami/keycloak 21.4.4
What is the problem this feature will solve?
Specfying configuration in
keycloakConfigCli.configuration
will store that configuration in a configMap. Alternatively, users can have configuration be read from their own configMap by specifyingkeycloakConfigCli.existingConfigmap
.However, it's often the case that config contains sensitive information. In these cases, it's a security risk to have that data sitting in a configmap.
What is the feature you are proposing to solve the problem?
Support storing Keycloak Config CLI configuration in a Kubernetes Secret. Alternatively, support a secret-equivalent field to
keycloakConfigCli.existingConfigmap
(i.e.,keycloakConfigCli.existingSecret
).What alternatives have you considered?
In the meantime, my workaround is to mount an existing secret as custom volume and manually specify the import path.
For example:
For anyone facing a similar need, the above should suffice. However, note that one should be careful mixing this workaround with use of
keycloakConfigCli.configuration
orkeycloakConfigCli.existingConfigmap
.