Open programmerq opened 10 months ago
I just faced the same pitfall with teleport-cluster/.
I added configuration like:
authentication:
local_auth: false
but it had to be camel case:
authentication:
localAuth: false
https://goteleport.com/docs/reference/helm-reference/teleport-cluster/#authenticationlocalauth
Current Behavior
When setting
joinParams
in the values.yaml file forteleport-kube-agent
, it is easy to writetoken_name
instead oftokenName
.In
teleport.yaml
, snake_case is used:but in the helm values, camelCase is used:
It is very easy to grab
token_name
from ateleport.yaml
example, and end up with a silent failure. ThetokenName
field is empty, so an empty token name is tried, and that can cause a warning and then error:WARN Empty config value file: /etc/teleport-secrets/auth-token utils/config.go:45
...ERRO [PROC:1] Kube failed to establish connection to cluster: rpc error: code = InvalidArgument desc = missing parameter Token. pid:7.1 service/connect.go:123
Expected Behavior
The helm chart should be more helpful here. Here are some possible things that would make the experience better:
tokenName
is unpopulated andjoinTokenSecret.create
istrue
. The error could explain that helm prefers camelCase.token_name
is used.token_name
as-is if it is set.Bug details: