Use a secret instead of a configmap for alpha config

oauth2-proxy / manifests

For hosting manifests to allow for the deployment of OAuth2-Proxy/OAuth2-Proxy

Apache License 2.0

170 stars 153 forks source link

Use a secret instead of a configmap for alpha config #153

Closed mkjpryor closed 1 year ago

mkjpryor commented 1 year ago

This PR addresses the concerns in #104, namely that using the alpha config requires storing the client secret in a configmap, by moving the whole alpha config to a secret.

Once we have a better way of locating secrets, this can be changed.

mkjpryor commented 1 year ago

Note that the existing behaviour of alphaConfig.existingConfig pointing to an existing configmap is retained for backwards compatibility.

mkjpryor commented 1 year ago

Note that the patch version was bumped rather than the minor version as:

The change is backwards compatible
I consider storing secret information in a configmap to be a bug

pierluigilenoci commented 1 year ago

@JoelSpeed, could you please take a look at this?

pierluigilenoci commented 1 year ago

@mkjpryor, could you please rebase?

mkjpryor commented 1 year ago

@pierluigilenoci rebase done

jessebot commented 1 year ago

Thanks for your work here! Could I ask if there's any blockers here? This feature would be awesome!

pierluigilenoci commented 1 year ago

@jessebot I was waiting for a review from @JoelSpeed. Ref: https://github.com/oauth2-proxy/manifests/issues/104#issuecomment-1233395397