arttor
Secret value not transferred to output values.yaml
I have a secret defined in a kubernetes yaml file but the value doesn't get transferred to generated values.yaml file
Input
apiVersion: v1
kind: Secret
metadata:
name: db-password
type: Opaque
data:
password: c3VwZXJzZWNyZXRwYXNzd29yZAo=
Output
dbPassword:
password: ""
kubernetesClusterDomain: cluster.local
Expected output
dbPassword:
password: "supersecretpassword"
kubernetesClusterDomain: cluster.local
Hi @Vaintti, thank you for the question. This was done on purpose. In most cases, generated chart will be stored in git. In this case, it is not a good idea to have secrets in values.yaml. So secretes are omitted from values.yaml and marked as required in a template to force chart user to provide it as flags in helm install.
Just thinking if this should be made possible with a flag. --use-unsafe-secrets or something to make it clear it's not the safest of practices
I agree that it is inconvenient but it is true for all security measures. I suggest not implementing this option right now. But we can do so if we have more votes for this feature.
I'm interested. My use case would be something like: Take a single kubernetes.yaml coming from the repository, concatenate it with a local secret.yaml, run helmify, and apply the resulting helmchart. It would be useful in airgaped scenarios
In most cases, using a template is the correct approach. However, in some cases, I require an instance configuration that can be used for quick conversion and unified management. In such cases, I prefer the configuration to remain as close to the original as possible, so that I can use it quickly.
I suggest splitting it into different modes. This can help avoid similar issues from occurring.
