Comments (3)
the blueprints
option doesn't really do anything special, it simply mounts the config map under /blueprint/mounted/{{ configmap-name }}
, so you can .volumeMounts
and .volumes
to do the same with secrets
@rissson do we also want to make a breaking change for this for 2024.1 to allow secrets to be mounted?
from helm.
Sure, we can
from helm.
Thanks for the info @BeryJu ,
If anyone needs a working solution
Content of the Azure Key Vault secret (called authentik-blueprint
) is formatted as JSON:
{
"authentik-blueprint.yaml": "BASE64-ENCODED-BLUEPRINT"
}
The external-secret (it extracts the KV secret content to kubernetes):
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: authentik-blueprint
namespace: authentik
spec:
data:
- remoteRef:
conversionStrategy: Default
decodingStrategy: Base64
key: authentik-blueprint
property: authentik-blueprint.yaml
secretKey: authentik-blueprint.yaml
refreshInterval: 1h
secretStoreRef:
kind: ClusterSecretStore
name: azurekv
And finally, I had to update the Authentik helm chart with the following volumes / volumeMounts:
volumes:
- name: authentik-blueprint
secret:
secretName: authentik-blueprint
items:
- key: authentik-blueprint.yaml
path: authentik-blueprint.yaml
volumeMounts:
- name: authentik-blueprint
mountPath: /blueprints/mounted
readOnly: true
from helm.
Related Issues (20)
- Running authentik with pgpool HOT 1
- support referencing kubernetes secrets for postgres & redis configuration HOT 2
- PDB does not use right set of labels as selector HOT 1
- <.Chart.IsRoot>: can't evaluate field IsRoot in type interface {}
- Bug: Error in 2024.2.0 helm chart ingress HOT 1
- additionalObjects "cannot retrieve Template.Basepath from values inside tpl function" HOT 1
- Error when enabling geoip in chart HOT 1
- bug: invalid YAML templates/server/deployment.yaml HOT 1
- nodeSelectorTerms is set to an empty object when configuring server or worker affinity HOT 1
- Authentik shows internal pod IPv6 for Users instead of public IP HOT 1
- Secret blueprints treated as ConfigMap volumes HOT 1
- [Question] Environment variables failing to be detected HOT 2
- 2024.4.0 Update - Worker Pod Startup Probe Fails HOT 2
- Install server instance as a DaemonSet HOT 5
- Can't generate kubeconfig file for remote cluster integration using the authentik-remote-cluster helmchart HOT 1
- Chart Email Settings - allow SMTP Password to be secret HOT 1
- Upgrading from 2023.10.7 to 2024.2.3 with argocd, failed with redis template HOT 1
- Configuring email doesn't work due to type mismatch HOT 4
- can not access inital setup page if email is added in values.yaml HOT 1
- Update postgresql chart HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from helm.