Helm chart existingsecret not working in auth section

tech_a · May 9, 2024, 8:03pm

Dear All,

Is anyone face a similar issue like me?
The section of auth says that if I add a value to existingSecret that will be used. But in reality it does not work unfortunatelly

      identity:
        ## @param global.identity.auth.identity.existingSecret can be used to reference an existing secret. If not set, a random secret is generated.
        # The existing secret should contain an `identity-secret` field, which will be used as secret for the identity-identity communication.
        existingSecret: identity-password
      operate:
        existingSecret: operate-password
      tasklist:
        existingSecret: tasklist-password
      optimize:
        existingSecret: optimize-password
      console:
        existingSecret: console-password
      zeebe:
        existingSecret: zeebe-password

secrets:

console-password                     Opaque               1      31h
identity-password                    Opaque               1      31h
operate-password                     Opaque               1      31h
optimize-password                    Opaque               1      31h
tasklist-password                    Opaque               1      31h
zeebe-password                       Opaque               1      31h

In Identity UI the client passwords will be console-password,identity-password etc. Instead of value of console-password secret’s value, identity-password secret’s value…

Char version 10.0.2 (10.0.4 same for me)
Thanks

tech_a · May 12, 2024, 4:57pm

Is there anybody advice regarding to this case?

Thanks

Alex_Voloshyn · May 13, 2024, 8:02am

can you confirm that these secrets contain the following fields?
The existing secret should contain an console-secret field
The existing secret should contain an identity-secret field
The existing secret should contain an tasklist-secret field
The existing secret should contain an operate-secret field
The existing secret should contain an optimize-secret field
etc.

Alex_Voloshyn · May 13, 2024, 11:55am

Do you have your secrets in the same namespace(“camunda”)?
Do you see any difference between your manually created secrets and the helm chart generated?

Alex_Voloshyn · May 13, 2024, 12:13pm

Which one of the shared secrets is yours, name: zeebe-password or name: camunda-zeebe-identity-secret?

Alex_Voloshyn · May 13, 2024, 12:20pm

can you share the values file?

Alex_Voloshyn · May 13, 2024, 12:39pm

What if you name YOUR secrets like here Camunda 8 Helm upgrade | Camunda 8 Docs

“camunda-tasklist-identity-secret”, “camunda-console-identity-secret”, etc. ?

Alex_Voloshyn · May 13, 2024, 12:58pm

1 - Create a secret with a name like “camunda-tasklist-identity-secret”
2 - Change the value for existingSecret to camunda-tasklist-identity-secret
3 - Test if it helps

make sure that the secret value is available by path: .data.tasklist-secret

system · May 22, 2024, 6:57am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.