Open mergwyn opened 1 week ago
Hi, cluster_id is used to map the cluster to your CloudCasa account so its best to keep it private. At the moment the chart doesn't support reading the value from a secret.
One option is to provide the helm value cluster_id
in ArgoCD helm parameters, this way it can be read from environment vars/vault at runtime.
I'll give this a go when I get chance. My thinking is that I will add values.secretName
and then in the template will conditionally set AMDS_CLUSTER_ID
using valueFrom
and secretKeyRef
if secretName
is defined, otherwise will set from cluster_id
as currently. Should be a non-breaking change if I do it correctly!
This is what I had in mind:
- name: AMDS_CLUSTER_ID
{{ if .Values.secretName }}
valueFrom:
secretKeyRef:
key: cluster_id
name: {{ .Values.secretName }}
{{ else }}
value: {{ .Values.cluster_id }}
{{ end }}
Hi, sorry if this is a basic question - I am hoping to use this chart with argocd but I cannot work out whether it is safe to commit my clusterid to GitHub in plain text in my values file. If not, I’ll try and work up a PR to allow it to be stored in a secret.