I am experimenting with your helm chart extensively.
And found the next thing. I can set up oidc settings with the config.oidc.secret.create: false value.
It leads to broken deployment as it expects the secret anyway. It is opaque behaviour as in fact as user I want to have three options:
put oidc settings and inject them like ENV variables directly from deployment (like for debug purposes)
use external secret precreated by means of any possible solution (external-secrets operator, vault, I created the secret in k8s myself etc.) and give me an option to select this secret name
create the secret inside of helm chart and pass it to the deployment with the option to reload deployment in case of changing the secret (add sha annotation in labels for the deployment)
make the options exclusive to each other. Now I can set up oidc settings and not create the secret, which does not make sense...
I think good example could be bitnami charts for redis/mongo/postgresql, where it is obvious what to put into values.yaml
Good day Sirs,
I am experimenting with your helm chart extensively. And found the next thing. I can set up oidc settings with the
config.oidc.secret.create: false
value. It leads to broken deployment as it expects the secret anyway. It is opaque behaviour as in fact as user I want to have three options:I think good example could be
bitnami
charts for redis/mongo/postgresql, where it is obvious what to put intovalues.yaml