Skip to content

Allow using an externally provided secret for the tunnel credentials #38

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 18, 2023
Merged

Allow using an externally provided secret for the tunnel credentials #38

merged 1 commit into from
Jul 18, 2023

Conversation

froblesmartin
Copy link
Contributor

As raised also in #36, it would be nice to be able to use an externally provided secret instead of only passing the secrets as plain text in the values.yaml.

There are many ways to provision secrets into Kubernetes securely (Sealed Secrets, CSI Provisioners, ...), and to be able to use those in a flexible way, secrets should always offer the possibility to reference them and not generate them with the Helm chart itself.

@obezuk , pinging you as I have seen you are the only maintainer interacting in this repository lately.

@froblesmartin froblesmartin force-pushed the allow-external-secret branch from 44fa2f6 to dd42a6d Compare July 2, 2023 20:13
@froblesmartin froblesmartin force-pushed the allow-external-secret branch from dd42a6d to b37071c Compare July 2, 2023 20:26
@froblesmartin
Copy link
Contributor Author

froblesmartin commented Jul 2, 2023
edited
Loading

I am also removing tunnelName from the credentials.json file from the Secret, as it is only required in the config.yaml file from the ConfigMap.

@froblesmartin froblesmartin mentioned this pull request Jul 5, 2023
Open
@erickaby
Copy link

erickaby commented Jul 6, 2023

Would be great to add this, we are blocked using this chart until this PR is merged.

@froblesmartin
Copy link
Contributor Author

Pinging @mattalberts and @jalateras

@tiagovrtr
Copy link

Great addition, thanks

@Eusebiotrigo
Copy link

Thanks for this contribution!

obezuk
obezuk approved these changes Jul 18, 2023
View reviewed changes
Copy link
Contributor

@obezuk obezuk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good, thank you for your contribution!

@obezuk obezuk merged commit 46a04f8 into cloudflare:main Jul 18, 2023
@froblesmartin froblesmartin deleted the allow-external-secret branch July 18, 2023 18:11
@mergwyn mergwyn mentioned this pull request Aug 14, 2023
Closed
@hedgieinsocks hedgieinsocks mentioned this pull request Mar 7, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
1 more reviewer

@obezuk obezuk obezuk approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@froblesmartin @erickaby @tiagovrtr @Eusebiotrigo @obezuk