mattermost / mattermost-helm

Mattermost Helm charts for Kubernetes
Apache License 2.0

Not possible to properly configure SAML in the EE Chart via environment variables #304

Open ground7 opened 2 years ago

ground7 commented 2 years ago

I use the environment variables to configure SAML like so:

extraEnv:
  - name: MM_SAMLSETTINGS_ENABLE
    value: "true"
...
  - name: MM_SAMLSETTINGS_IDPCERTIFICATEFILE
    value: "saml-idp.crt"

And so on. Everything works except for the cert files that need to be uploaded. Since the bare minimum SAML config requires you to upload MM_SAMLSETTINGS_IDPCERTIFICATEFILE to get it working, and since setting that environment variable doesn't actually upload the file into the database, you'll get a certificate error from Mattermost when trying to authenticate unless you physically click the upload button in the GUI after an initial setup in order to get the cert into the configurationfiles table.

Error thrown:

"msg":"SamlInterfaceLibImpl.DoLogin: An error occurred while parsing the response from the Identity Provider. Please contact your System Administrator., err=error validating response: response and/or assertions must be signed","caller":"web/saml.go:137"

Possible Solution: Maybe some kind of init container that can run mmctl commands against mattermost_local.socket. I tried to get this working but eventually gave up.

Current (Bad) Workaround: