Open
Description
Hello
I have problem with re-using existing secret on Kubernetes to access S3, it won't fetch AWS Access and Secret Keys from existing secret and renders them empty.
Chart Version: 9.7.0
Relevant Values:
s3:
enabled: true
auth:
secretKeys:
accessKeyId: aws-access-key
secretAccessKey: aws-secret-access-key
existingSecret: openproject-secrets
region: eu-west-1
bucketName: company-openproject
pathStyle: true
signatureVersion: 4
useIamProfile: false
enableSignatureV4Streaming: true
directUploads: true
Secret itself (openproject-secrets)
apiVersion: v1
data:
aws-access-key: ABC=
aws-secret-access-key: XYZ=
db-password: PASSWORD
now it will render openprojects-s3 secret with content
apiVersion: v1
data:
OPENPROJECT_ATTACHMENTS__STORAGE: Zm9n
OPENPROJECT_DIRECT__UPLOADS: dHJ1ZQ==
OPENPROJECT_FOG_CREDENTIALS_AWS__ACCESS__KEY__ID: ""
OPENPROJECT_FOG_CREDENTIALS_AWS__SECRET__ACCESS__KEY: ""
OPENPROJECT_FOG_CREDENTIALS_AWS__SIGNATURE__VERSION: NA==
OPENPROJECT_FOG_CREDENTIALS_ENABLE__SIGNATURE__V4__STREAMING: dHJ1ZQ==
OPENPROJECT_FOG_CREDENTIALS_PATH__STYLE: dHJ1ZQ==
OPENPROJECT_FOG_CREDENTIALS_PROVIDER: QVdT
OPENPROJECT_FOG_CREDENTIALS_REGION: ZXUtd2VzdC0x
OPENPROJECT_FOG_CREDENTIALS_USE__IAM__PROFILE: ZmFsc2U=
OPENPROJECT_FOG_DIRECTORY: <BUCKET>
Any idea what is going on? Anyone had success with using existing secret? I swear looking at template it should work.
Also, any plans to introduce support for IRSA/Pod Identity on EKS?
Metadata
Assignees
Labels
No labels
Activity