Conversation
nniehoff
force-pushed
the
nn_custom_config
branch
from
8c29681 to
b07a284
Compare
Signed-off-by: Nick Niehoff <github@nickniehoff.net> Signed-off-by: nniehoff <github@nickniehoff.net>
nniehoff
force-pushed
the
nn_custom_config
branch
from
b07a284 to
057240f
Compare
|
Hit exactly the same limitation |
|
Thanks for the PR @nniehoff ! If I understand correctly, not mounting the secret when it's disabled would be enough, wouldn't it? That way you can mount your templated config at the hard coded location. TBH I'm not so keen on changing the hard coded location, because it can easily lead to various issues with the builtin templating when not used correctly. Am I right, or changing the config path is still required for some reason that I missed? |
|
You are correct technically we don't need to change the hard coded config path |
Signed-off-by: Nick Niehoff <github@nickniehoff.net> Signed-off-by: nniehoff <github@nickniehoff.net>
nniehoff
force-pushed
the
nn_custom_config
branch
from
496f1c5 to
a009252
Compare
Signed-off-by: Nick Niehoff <github@nickniehoff.net> Signed-off-by: nniehoff <github@nickniehoff.net>
|
@sagikazarmark I have removed the configFile change as requested. |
Signed-off-by: Nick Niehoff <nick.niehoff@networktocode.com>
|
@sagikazarmark I have rebased this PR on the 0.9.0 version. What else is needed for this PR? |
|
@sagikazarmark I have rebased this PR on the 0.13.0 version |
3 participants
Overview
Added the
configFilevalue to allow for specifying a custom path to the config file. Also added templates helpers to only mount the secret if one is being created.What this PR does / why we need it
I am using hashicorp vault to inject a templated config file based on secrets stored in vault. The Vault injector allows me to inject the config file at any location, however the config file location is hard coded to
/etc/dex/config.yaml. I then thought fine I would inject the templated config at the same location however the vault injector adds a volume/volumeMount for this config file. This then conflicts with the secret already mounted at /etc/dex. The customconfigFilelocation would solve this problem pointing to/vault/secrets/somefile.yamlhowever then we are either creating an empty secret or attempting to mount a custom secret by a different name so I added the logic if.Values.configSecret.createis false and.Values.configSecret.nameis not defined don't try to mount a secret.Special notes for your reviewer
Checklist
Chart.yaml(see the contributing guide for details)Chart.yaml(see the contributing guide for details)make docs