Allow existing secret #2299

ramondeklein · 2024-08-28T21:06:40Z

Allow specifying s.tenant.configSecret.existingSecret in the Helm chart to prevent creating a new certificate.

aqeelat · 2024-09-08T12:15:41Z

When would this be released?

nepomucen · 2024-11-04T16:58:46Z

@ramondeklein don't we need by chance to comment out tenant.configSecret.accessKey and tenant.configSecret.secretKey fields too in chart's default values.yaml file ?

When I upgrade my minio-tenant release to 6.0.4 version, with en existing values:

...
tenant:
  configSecret:
    existingSecret: true
...

I'm failing validation:

Error: execution error at (tenant/templates/tenant-configuration.yaml:21:4): # ERROR: cannot set access-key when an existing secret is used
  Use --debug flag to render out invalid YAML

Setting these fields explicitly to empty values solves the problem.

DeyvsonL · 2025-01-28T21:09:03Z

Could we take the opportunity to allow the helm to generate random user and password when not provided?
Several other open source tools allow it and helm implementation of this feature is quite simple.

shubin-iv · 2025-02-19T12:37:10Z

helm/tenant/templates/tenant-configuration.yaml

@@ -15,6 +16,14 @@ stringData:
    export MINIO_ROOT_USER={{ .Values.tenant.configSecret.accessKey | quote }}
    export MINIO_ROOT_PASSWORD={{ .Values.tenant.configSecret.secretKey | quote }}

+{{- else }}
+{{- if (.Values.tenant.configSecret.accessKey) }}
+{{- fail "# ERROR: cannot set access-key when an existing secret is used" }}


Because of these checks, you have to set the accessKey and secretKey values to zero when you enable existingSecret, since they already set in main values.
Perhaps it would be better to remove these checks?

#2352

Yup, I've got a PR to try and fix this but it's been sat since October 😬

allow existing secret (minio#2298)

9f696fa

ramondeklein self-assigned this Aug 28, 2024

ramondeklein changed the title ~~Allow existing secret (#2298)~~ Allow existing secret Aug 28, 2024

ramondeklein requested review from pjuarezd, cniackz, cesnietor, jiuker and dvaldivia August 28, 2024 21:07

pjuarezd approved these changes Aug 28, 2024

View reviewed changes

ramondeklein mentioned this pull request Aug 28, 2024

Remove deprecated .secret from tenant Helm chart #2265

Merged

ramondeklein linked an issue Aug 28, 2024 that may be closed by this pull request

helm: tenant: Regression on tenant.configSecret.existingConfiguration #2297

Closed

shtripat approved these changes Aug 29, 2024

View reviewed changes

pjuarezd merged commit 44217fb into minio:master Aug 29, 2024
21 checks passed

ramondeklein mentioned this pull request Sep 25, 2024

Helm Chart ignores tenant.configSecret.existingSecret=true #2325

Closed

shubin-iv reviewed Feb 19, 2025

View reviewed changes

ramondeklein deleted the 2298-fix-existing-secret branch March 28, 2025 14:56

ramondeklein mentioned this pull request Mar 28, 2025

Fix issue with Helm configuration secret #2412

Open

9 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Allow existing secret #2299

Allow existing secret #2299

ramondeklein commented Aug 28, 2024 •

edited

Loading

aqeelat commented Sep 8, 2024

nepomucen commented Nov 4, 2024

DeyvsonL commented Jan 28, 2025 •

edited

Loading

shubin-iv Feb 19, 2025

drew-viles Mar 28, 2025

Allow existing secret #2299

Allow existing secret #2299

Conversation

ramondeklein commented Aug 28, 2024 • edited Loading

aqeelat commented Sep 8, 2024

nepomucen commented Nov 4, 2024

DeyvsonL commented Jan 28, 2025 • edited Loading

shubin-iv Feb 19, 2025

Choose a reason for hiding this comment

drew-viles Mar 28, 2025

Choose a reason for hiding this comment

ramondeklein commented Aug 28, 2024 •

edited

Loading

DeyvsonL commented Jan 28, 2025 •

edited

Loading