Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for ExtraObjects like additionals secrets #3227

Open
2 tasks done
bilyboy785 opened this issue Dec 15, 2023 · 3 comments · May be fixed by dexidp/helm-charts#143
Open
2 tasks done

Support for ExtraObjects like additionals secrets #3227

bilyboy785 opened this issue Dec 15, 2023 · 3 comments · May be fixed by dexidp/helm-charts#143

Comments

@bilyboy785
Copy link

Preflight Checklist

  • I agree to follow the Code of Conduct that this project adheres to.
  • I have searched the issue tracker for an issue that matches the one I want to file, without success.

Problem Description

I'm searching for adding custom resources, like new secrets.

Proposed Solution

It would be great to add to the helm chart an extraObjects array that allow users to add resources.

Alternatives Considered

No response

Additional Information

App V: 2.37.0
Chart V: 0.15.3
@nabokihms
Copy link
Member

nabokihms commented Dec 27, 2023
edited
Loading

@bilyboy785, could you elaborate more on your use case? Why do you need to deploy secrets as the part of the chart?

@bilyboy785
Copy link
Author

Hello @nabokihms , we are using Secret Manager on GCP and SecretProviderClass kind to use Secrets in our Helm manifests. So i needed to add new resources in the template directory of Dex for SecretProviderClass.

Exemple

I use secretProviderClass to call my secret from GCP, and use them in the value file

My secretProviderClass.yaml :

---
apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
  name: dex-secrets
  annotations:
    argocd.argoproj.io/sync-wave: '-2'
    argocd.argoproj.io/hook: PreSync
    argocd.argoproj.io/hook-delete-policy: BeforeHookCreation
spec:
  provider: gcp
  secretObjects:
    - secretName: dex-secrets
      type: Opaque
      data:
        - objectName: DEX_ARGOWORKFLOWS_CLIENT_SECRET
          key: dex_argoworkflows_client_secret
        - objectName: DEX_ARGOCD_CLIENT_SECRET
          key: dex_argocd_client_secret
  parameters:
    secrets: |
      - resourceName: "projects/XXXXX/secrets/DEX_ARGOWORKFLOWS_CLIENT_SECRET/versions/latest"
        fileName: DEX_ARGOWORKFLOWS_CLIENT_SECRET
      - resourceName: "projects/XXXXX-exploitation/secrets/DEX_ARGOCD_CLIENT_SECRET/versions/latest"
        fileName: DEX_ARGOCD_CLIENT_SECRET

And the secret used in the values.yaml file :

[...]
envVars:
  - name: ARGO_WORKFLOWS_SSO_CLIENT_SECRET
    valueFrom:
      secretKeyRef:
        name: dex-secrets
        key: dex_argoworkflows_client_secret
[...]

I we could use an extraObjects array in the values.yaml file, it could be great to avoid adding extra files to the template directory.

This was referenced Aug 23, 2024
Closed
Closed
Open
@bilyboy785
Copy link
Author

Hi @nabokihms any news on this ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@bilyboy785 @nabokihms