using secretKeyRef in HelmRelease dosent working
guyalo opened this issue · comments
Hi, trying to use secretKeyRef in the HelmRelease values section but doesn't evaluate the secretKeyRef but uses the literal object.
flux2 version: flux version 0.31.1
environment:: GKE
yaml:
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: rabbitmq
spec:
releaseName: rabbitmq
chart:
spec:
chart: rabbitmq
sourceRef:
kind: HelmRepository
name: bitnami
namespace: flux-system
interval: 1h0m0s
install:
remediation:
retries: 3
values:
service:
type: LoadBalancer
auth:
password:
valueFrom:
secretKeyRef:
name: rabbitmq-password
key: value
For checking the secret that created by the rabbitmq chart running :
kubectl get secret rabbitmq -n stage -o go-template='{{range $k,$v := .data}}{{printf "%s: " $k}}{{if not $v}}{{$v}}{{else}}{{$v | base64decode}}{{end}}{{"\n"}}{{end}}'
result is:
rabbitmq-password: map[valueFrom:map[secretKeyRef:map[key:value name:rabbitmq-password]]]
the secret were not evaluated
Greetings,
helm.toolkit.fluxcd.io
is a GitOps Toolkit package API group, which is from Flux v2. This is the Helm Operator repository, which is a legacy project that pre-dates Flux v2. The better place for this report to get some attention is the helm-controller repository.
secretKeyRef:
name: rabbitmq-password
key: value
This appears to be the correct way to reference a secret. You can review the output of the Helm chart with helm get values
and helm get template
much easier than trying to decode the secret by hand.
I suspect this is a bug in the chart. Can you reproduce it with the Helm CLI? If you create a values.yaml and pass it in with --values
you should get similar results from the Helm CLI. Please let us know what you find, (if someone has write access to the helm-controller repo, perhaps this issue can be transferred there...)
Thank you, moved to flux2 repo