You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In templates/ca.yaml volumes spec, {{ include "step-certificates.fullname" . }}-secrets is always mounted as a secret or configmap and cause secret doesn't exists when using inject.enabled=true and bootstrap.secret=false. I don't need any secret as I generate my own root certificate so the only key I need is the intermediate key, which is added via azure keyvault in the config file.
Subject of the issue
In templates/ca.yaml volumes spec,
{{ include "step-certificates.fullname" . }}-secrets
is always mounted as a secret or configmap and cause secret doesn't exists when usinginject.enabled=true
andbootstrap.secret=false
. I don't need any secret as I generate my own root certificate so the only key I need is the intermediate key, which is added via azure keyvault in the config file.Your environment
Steps to reproduce
Create a values.yaml
Expected behaviour
pod is created without the volume
{{ include "step-certificates.fullname" . }}-secrets
Actual behaviour
The volume is created and pod is in error state, "secret doesn't exists"
Additional context
For the deployment to work, I need to set
bootstrap.secrets=true
and set a dummy value ininject.secrets.ssh.user_ca_key="unusable"
Validations should be added in template/ca.yaml to create the volume only if values exists like it is done for all other secrets, something like
The text was updated successfully, but these errors were encountered: