search

minio / operator

Simple Kubernetes Operator for MinIO clusters :computer:
https://min.io/docs/minio/kubernetes/upstream/index.html
GNU Affero General Public License v3.0
1.18k stars 448 forks source link

helm release 6.0.1 can't use .tenant.configSecret #2255

Closed JoKrefting closed 4 weeks ago

JoKrefting commented 1 month ago

Expected Behavior

Expectation is, that i can start using .tenant.configSecret on first deployment like in docs:

tenant:
  configSecret:
    name: myminio-env-configuration
    accessKey: minio 
    secretKey: minio123

Current Behavior

The current default value in values.yaml

secrets:
  name: myminio-env-configuration
  accessKey: minio 
  secretKey: minio123

Results into error: Error: execution error at (tenant/templates/tenant-configuration.yaml:5:4): ERROR: '.secrets' and '.tenant.configSecret' are mutually exclusive. Please use 'tenant.configSecret' instead.

Possible Solution

Define secrets section to be empty like:

secrets: {}

Alternative could be adapting the logic within tenant/templates/tenant-configuration.yaml to use e.g. a priorization like:

  1. if .tenant.configSecret is defined -> create secret -> ignore possible .secret definition

Steps to Reproduce (for bugs)

  1. run helm template tenant minio/tenant --set tenant.configSecret.name="myminio-env-configuration" --set tenant.configSecret.accessKey="minio" --set tenant.configSecret.secretKey="minio123"

Context

Make use of new secret structure was the goal.

jiuker commented 1 month ago

You should run it with --set secrets={} @JoKrefting

JoKrefting commented 1 month ago

@jiuker overwriting defaults in this manner is not supported by helm at all. Once a default value is defined it is always present for dictionary at least. So if i run: helm template tenant minio/tenant --set tenant.configSecret.name="myminio-env-configuration" --set tenant.configSecret.accessKey="minio" --set tenant.configSecret.secretKey="minio123" --set secrets={} I still get: Error: execution error at (tenant/templates/tenant-configuration.yaml:5:4): ERROR: '.secrets' and '.tenant.configSecret' are mutually exclusive. Please use 'tenant.configSecret' instead.

One i use --set secrets=null it actually starts working. Found this here. So kinda resolved, even though i see a potential for improvement still in default setup ;) Thx.

rafaelromcar-parabol commented 1 month ago

IMHO this is a bug. .secrets is marked as deprecated and .tenant.configSecret is supposed to be used, and yet .secrets has a value by default. There should not be any need to run it using --set secrets=null.

stephan2012 commented 1 month ago

IMHO this is a bug. .secrets is marked as deprecated and .tenant.configSecret is supposed to be used, and yet .secrets has a value by default. There should not be any need to run it using --set secrets=null.

Workaround:

secrets: ~