search

helmfile / vals

Helm-like configuration values loader with support for various sources
Apache License 2.0
525 stars 70 forks source link

Error expanding GCP secrets #291

Open dovvla opened 6 months ago

dovvla commented 6 months ago

Hi,

I have an issue where when I try to reference secret from gcpsecrets additional fields get concatenated to the URI. To be more precise, here is what happened:

#values.yaml
  defaultDbPassword: ref+gcpsecrets://<project_name>/<secret_name>
  database:
    default:
      writeHostUrl: "127.0.0.2"
      readOnlyHostUrl: "127.0.0.3"
      database: <db_name>

Upon running helm secrets --evaluate-templates upgrade --install the following error is thrown:

expand gcpsecrets://<project_name>/<secret_name>@tcp(127.0.0.2)/<db_name>: failed to get secret: rpc error: code = InvalidArgument desc = The provided Secret ID [projects/<project_name>/secrets/t<secret_name>@tcp(127.0.0.2)/<db_name>/versions/latest] does not match the expected format [projects/*/secrets/*/versions/*]'
yxxhero commented 5 months ago

@dovvla PR is welcome.

sonnysideup commented 5 months ago

@yxxhero Your response is not helpful because the problem has not even been identified.

@dovvla try passing the secret with a version field, likeref+gcpsecrets://<project_name>/<secret_name>?version=1 as example. I think you can use latest as the version value, but I don't remember at this point.

aslafy-z commented 3 months ago

~I think this issue should go to helm-secrets~

@dovvla Try with defaultDbPassword: ref+gcpsecrets://<project_name>/<secret_name>+ (a + at the end). See https://github.com/helmfile/vals#expression-syntax for details.