[Kratos] - allow for custom yaml configmap name

[Davincible]

Preflight checklist

• [X] I could not find a solution in the existing issues, docs, nor discussions.
• [X] I agree to follow this project's Code of Conduct.
• [X] I have read and am following this repository's Contribution Guidelines.
• [ ] This issue affects my Ory Cloud project.
• [ ] I have joined the Ory Community Slack.
• [ ] I am signed up to the Ory Security Patch Newsletter.

Describe your problem

Currently, you can only config Kratos through either inline yaml in values.yaml, or specify every option through the env variables. Since the config contains info I don't want in VCS, I'm trying to avoid the former, but the latter becomes tedious when you want to specify a lot of custom values.

Describe your ideal solution

It would be much nicer if just like with the secret, you could provide a custom configmap name that will be used as configuration, so you can in yaml define the whole config, and avoid it going into VCS.

Workarounds or alternatives

Envs

Version

latest

Additional Context

No response

[Davincible]

Just found out that as a work around I can add an extra -c file.yaml and volume mount

[Demonsthere]

Hi there! If you are concerned about leaking sensitive data within the values/VCS, I would recommend overwriting those values with envs that are read from secrets. this should be more secure then providing a custom cm 😉

[Davincible]

Yes but you don't want to write out 20 ENVs. I managed to solve it like this, but the stateful set is missing the extraArgs option

deployment:
  extraVolumes:
    - name: config-volume
      configMap:
        name: kratos-config-extra
  extraVolumeMounts:
    - name: config-volume
      mountPath: /etc/kratos/
  extraArgs:
    - -c
    - /etc/kratos/config.yaml

statefulset:
  extraVolumes:
    - name: config-volume
      configMap:
        name: kratos-config-extra
  extraVolumeMounts:
    - name: config-volume
      mountPath: /etc/kratos/
  extraArgs:
    - -c
    - /etc/kratos/config.yaml