changeset-bot[bot]
commented
9 months ago 🦋 Changeset detected
Latest commit: 718aaac12a7f17c02232503022811cf85376e62b
The changes in this PR will be included in the next version bump.
This PR includes changesets to release 1 package
| Name | Type | | ------------------------ | ----- | | @openproject/helm-charts | Minor |Not sure what this means? Click here to learn what changesets are.
Click here if you're a maintainer who wants to add another changeset to this PR
Hello,
Please consider this as a enhancement suggestion as we are aware that this is not a bug from your side.
Please find our detailed reasoning for this below if needed as additional explanation.
This should allow usage in .Values.openproject.oidc.extraOidcSealedSecret pointing to custom generated sealed secret to load following values:
As this separates IDENTIFIER and SECRET in sealed-secret, while rest of the OIDC configuration values are stored in Secret.
What was our goal?
To have OpenProject Helm charts sealed-secrets loaded for OIDC working without using of
lookupfunction (ArgoCD related issue)How we achieved this?
Sealed-secret was created first:
When secret is manually created we noted that important part to note is (upper .Values.openproject.oidc.provider) to match other OPENPROJECT_OPENID_CONNECT* environment vars.
So if oidc.provider is 'providerhere' keys for
kubectl create secretare:In this case we got our two desired values in sealed secret.
Now we need to load them. I have noticed that there is one
extraEnvVarsSecretnot used in values.yaml: https://github.com/opf/helm-charts/blob/main/charts/openproject/values.yaml#L261It also loads this
extraEnvVarsSecretsecret at just the right spot: https://github.com/opf/helm-charts/blob/main/charts/openproject/templates/_helpers.tpl#L114C1-L117C13Afterwards, everything was loaded properly when I performed test as suggested earlier. As well from browser and in the admin area it shows/loads proper values.
Thank you and have a great day!