Custom secret resource name for the admin account. #4051
Comments
|
@LappleApple I think the current issue is a duplicate of: I picked up a PR for 2237 but after local testing (and I think I did test installing it via a local HelmChart) and releasing this feature, the app was thrown into a crash loop after installing it via a HelmChart. So, I rolled the changes back for the time being. AFAIR, the crash was happening because the new dynamic admin secret name was not also added to So, we could re-visit this issue later. I can update that PR, but I would need help with thorough testing from an OSS auth expert, like @foot , for example. Because I don't have much context on the auth and what "small" things can possibly go wrong. |
|
@opudrovs I'm happy to collaborate on this with you, and I've touched a lot of the auth code recently. |
Problem
I'm installing weave-gitops into my project namespace, because the cluster is shared between many projects and users are not allowed to create cluster-wide resources. I want to use the admin account as a backup, but currently weave-gitops supports only a secret resource named
cluster-admin-auth. For my use case, I want the secret to be named<myapp>-gitops-auth, but this cannot be done, because your weave-gitops software that runs in your weave-gitops docker images expects the secret to have the hardcoded name. It won't suffice to just use a different name in the Helm chart, because the Pod that runs your software will start screaming about not being able to find a secret namedcluster-admin-auth.Solution
I want to be able to define a custom name for the admin secret resource in the
values.yamlfile of the Helm chart.Additional context
I cannot contribute to this feature, because this requires changes in the server source code, for which I lack the capabilities to modify.
The text was updated successfully, but these errors were encountered: