external-secrets / external-secrets

External Secrets Operator reads information from a third-party service like AWS Secrets Manager and automatically injects the values as Kubernetes Secrets.
https://external-secrets.io/main
Apache License 2.0

Helm chart can generate resource names longer than the 63 character DNS limit #1997

Open isker opened 1 year ago

isker commented 1 year ago

Kubernetes requires certain names (at least metadata.name and label names/values) to be <64 characters long, to comply with DNS limits. The helm chart can generate names longer than this, in spite of attempting not to.

The default value of external-secrets.fullname is properly truncated: https://github.com/external-secrets/external-secrets/blob/fe3c78d2af1202331df6bfbc7237f5f310dd5c21/deploy/charts/external-secrets/templates/_helpers.tpl#L8-L24

But it is then appended to in length-sensitive contexts without further truncation: https://github.com/external-secrets/external-secrets/blob/fe3c78d2af1202331df6bfbc7237f5f310dd5c21/deploy/charts/external-secrets/templates/webhook-deployment.yaml#L5

This bit me when installing the helm chart with AWS CDK, which is notorious for generating long resource names. I ended up with failures like this:

Error: Service "itlabcirunnerstackclusterchartexternalsecrets449a9ff5-external-webhook" is invalid: metadata.name: Invalid value: "itlabcirunnerstackclusterchartexternalsecrets449a9ff5-external-webhook": must be no more than 63 characters'

This is easily fixed by parameterizing the helm chart installation with a shorter non-default full name, but it might be worth making the defaults work in all cases.
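The following is an added example, not part of the original issue or the project's chart: a Go model of the overflow described above and of one hypothetical fix. It assumes the helper computes `<release>-<chart>`, truncates to 63 and trims a trailing `-`; the release name and the `-webhook` suffix are inferred from the error message quoted in the issue, and `safeName` is an illustrative name, not a chart helper.

```go
package main

import (
	"fmt"
	"strings"
)

// Limit quoted in the error: names must be no more than 63 characters.
const maxNameLen = 63

// trunc keeps at most n bytes of s (models the template's truncation step).
func trunc(n int, s string) string {
	if n < 0 {
		n = 0
	}
	if len(s) > n {
		return s[:n]
	}
	return s
}

// fullname models the assumed default: "<release>-<chart>", cut to 63, trailing "-" trimmed.
func fullname(release, chart string) string {
	return strings.TrimSuffix(trunc(maxNameLen, release+"-"+chart), "-")
}

// unsafeName appends the suffix after truncation, which is the behaviour the issue reports.
func unsafeName(release, chart, suffix string) string {
	return fullname(release, chart) + suffix
}

// safeName (hypothetical fix) reserves room for the suffix before appending it.
func safeName(release, chart, suffix string) string {
	base := trunc(maxNameLen-len(suffix), fullname(release, chart))
	return strings.TrimSuffix(base, "-") + suffix
}

func main() {
	// Release name inferred from the error message in the issue.
	release := "itlabcirunnerstackclusterchartexternalsecrets449a9ff5"
	for _, n := range []string{
		unsafeName(release, "external-secrets", "-webhook"),
		safeName(release, "external-secrets", "-webhook"),
	} {
		fmt.Printf("%-72s len=%d valid=%t\n", n, len(n), len(n) <= maxNameLen)
	}
}
```

The unsafe variant reproduces the 70-character Service name from the error, while the variant that budgets for the suffix stays at 63.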

github-actions[bot] commented 1 year ago

This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 30 days.

isker commented 1 year ago

As far as I can tell this issue has not been addressed.