Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allowing for custom config path #85

Open
wants to merge 6 commits into
base: master
Choose a base branch
from
Open

Allowing for custom config path #85

wants to merge 6 commits into from

Conversation

nniehoff
Copy link

@nniehoff nniehoff commented May 14, 2022
edited
Loading

Overview

Added the configFile value to allow for specifying a custom path to the config file. Also added templates helpers to only mount the secret if one is being created.

What this PR does / why we need it

I am using hashicorp vault to inject a templated config file based on secrets stored in vault. The Vault injector allows me to inject the config file at any location, however the config file location is hard coded to /etc/dex/config.yaml. I then thought fine I would inject the templated config at the same location however the vault injector adds a volume/volumeMount for this config file. This then conflicts with the secret already mounted at /etc/dex. The custom configFile location would solve this problem pointing to /vault/secrets/somefile.yaml however then we are either creating an empty secret or attempting to mount a custom secret by a different name so I added the logic if .Values.configSecret.create is false and .Values.configSecret.name is not defined don't try to mount a secret.

Special notes for your reviewer

Checklist

  • Change log updated in Chart.yaml (see the contributing guide for details)
  • Chart version bumped in Chart.yaml (see the contributing guide for details)
  • Documentation regenerated by running make docs

@nniehoff
Allowing for custom config path
057240f 
Signed-off-by: Nick Niehoff <github@nickniehoff.net>
Signed-off-by: nniehoff <github@nickniehoff.net>
@Udbv
Copy link

Udbv commented May 15, 2022

Hit exactly the same limitation

@sagikazarmark
Copy link
Member

Thanks for the PR @nniehoff !

If I understand correctly, not mounting the secret when it's disabled would be enough, wouldn't it? That way you can mount your templated config at the hard coded location.

TBH I'm not so keen on changing the hard coded location, because it can easily lead to various issues with the builtin templating when not used correctly.

Am I right, or changing the config path is still required for some reason that I missed?

@nniehoff
Copy link
Author

You are correct technically we don't need to change the hard coded config path

@nniehoff
PR Comments
a009252 
Signed-off-by: Nick Niehoff <github@nickniehoff.net>
Signed-off-by: nniehoff <github@nickniehoff.net>
@nniehoff
Merge branch 'master' into nn_custom_config
55b2c47 
Signed-off-by: Nick Niehoff <github@nickniehoff.net>
Signed-off-by: nniehoff <github@nickniehoff.net>
@nniehoff
Copy link
Author

@sagikazarmark I have removed the configFile change as requested.

@nniehoff
Rebasing on 0.9.0
223ce07 
Signed-off-by: Nick Niehoff <nick.niehoff@networktocode.com>
@nniehoff
Copy link
Author

@sagikazarmark I have rebased this PR on the 0.9.0 version. What else is needed for this PR?

@nniehoff
Copy link
Author

@sagikazarmark I have rebased this PR on the 0.13.0 version

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@nniehoff @Udbv @sagikazarmark