Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Allow specifying API Key via reference to an external Secret #72

Merged
merged 10 commits into from
Dec 19, 2023
Merged

feat: Allow specifying API Key via reference to an external Secret #72

merged 10 commits into from
Dec 19, 2023

Conversation

ekampf
Copy link
Contributor

@ekampf ekampf commented Dec 15, 2023

Related Tickets & Documents

Changes

Added existingAPIKeySecret definition to values.yaml

@ekampf ekampf requested a review from liorr December 18, 2023 18:24
twingate-blee
twingate-blee reviewed Dec 18, 2023
View reviewed changes
deploy/twingate-operator/values.schema.json Outdated
"properties": {
"apiKey": { "type": "string" },
"existingAPIKeySecret": {
"type": "object",
"title": "An existing secret with the API Key to be used by the operator. If this is specified, the apiKey field will be ignored.",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think this is correct. When I pass in both twingateOperator.existingAPIKeySecret.name and twingateOperator.apiKey the apiKey is not ignored. It throws an error

helm template --debug -f values.yaml --set twingateOperator.existingAPIKeySecret.name=mysecret --set twingateOperator.existingAPIKeySecret.key=mykey --set twingateOperator.apiKey=test --set twingateOperator.network=test --set twingateOperator.remoteNetworkId=test .

Error: values don't meet the specifications of the schema(s) in the following chart(s):
twingate-operator:
- twingateOperator: Must validate one and only one schema (oneOf)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You're right. I learned how to use oneOf :)
will update

twingate-blee
twingate-blee reviewed Dec 18, 2023
View reviewed changes
deploy/twingate-operator/values.yaml
@@ -4,6 +4,9 @@

twingateOperator: {}
Copy link
Member

@twingate-blee twingate-blee Dec 18, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since apiKey, network, remoteNetworkId are required should we have those uncommented so people don't think they are optional.

Also maybe add a comment to either use apiKey or existingAPIKeySecret.

When not passing either there is an error

twingate-operator:
- twingateOperator: Must validate one and only one schema (oneOf)
- twingateOperator: apiKey is required

Should that be changed to "apiKey or existingAPIKeySecret1.name is required"

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I dont control that error information it comes from schema validation...

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Re uncommenting - I want people to explicitly have to uncomment and put values there rather than run with default values which will seem like its working

twingate-blee
twingate-blee approved these changes Dec 19, 2023
View reviewed changes
Copy link
Member

@twingate-blee twingate-blee left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@ekampf ekampf merged commit a028068 into main Dec 19, 2023
12 checks passed
@ekampf ekampf deleted the 71-feat-allow-specifying-an-apikey-by-referencing-an-existing-secret branch December 19, 2023 17:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@twingate-blee twingate-blee twingate-blee approved these changes

@liorr liorr Awaiting requested review from liorr

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ekampf @twingate-blee