search

concourse / concourse-chart

Helm chart to install Concourse
Apache License 2.0
145 stars 176 forks source link

still requesting AWS Secrets / SSM Parameters if region is provided and function disabled #348

Closed bdellegrazie closed 11 months ago

bdellegrazie commented 12 months ago

Describe the bug

In the helm chart, there is a value representing concourse.web.awsSecretsManager.enabled and similarly concourse.web.awsSsm.enabled. These values default to false.

If the concourse.web.awsSecretsManager.region or concourse.web.awsSsm.region are supplied Concourse still tries to look for secrets in AWS SecretsManager or SSM respectively, even though the enabled flag is false.

Reproduction steps

  1. Deploy on AWS via helm using values file: 
    concourse:
web:
awsSecretsManager:
   region: us-east-1
awsSsm:
   region: us-east-1

    (default for enabled flag is false) deploy a pipeline that expects a secret and Concourse will go looking in SecretsManager / Ssm for that secret.

Expected behavior

Concourse looks only in Kubernetes Secrets

Additional context

looks trivial to fix, will raise a PR