search

smallstep / helm-charts

Helm packages for Kubernetes
Apache License 2.0
49 stars 72 forks source link

Add missing namespace for step-certificates #75

Closed dpb587 closed 3 years ago

dpb587 commented 3 years ago

Hi - I found that namespace wasn't being applied to resources consistently in the step-certificates chart. Originally I had some failures after templating+applying since resources were created across --namespace= and my default namespace.

maraino commented 3 years ago

@dpb587 Are you using helm v3? On helm 3 the namespace should not be required.

I've tested it with helm3 (required) and the resources you pointed are properly installed in the namespace specified with the -n|--namespace flag.

dpb587 commented 3 years ago

Thanks for taking a look. Yes, I'm using helm v3.7.1, but note I'm doing the templating and applying steps independently, not simply an install which I agree defaults the k8s client namespace and works. When relying on the helm template command though it does not generate everything with namespaces which then complicates the subsequent steps and eventual apply.

I'm effectively doing the following...

$ helm template \
  --namespace smallstep-ca \
  --values values-inject.yaml \
  --values values-custom.yaml \
  --set inject.secrets.ca_password=$(cat password.txt) \
  --set inject.secrets.provisioner_password=$(cat password.txt) \
  ca smallstep/step-certificates \
  > rendered.yaml
# some additional audit/patch steps
$ kubectl apply -f rendered.yaml