
explain secrets password format

Open ikke-t opened this issue 2 years ago • 1 comments

It seems secrets format has changed since I last used it. I didn't see it explained anywhere. So looking around I ended up with this:

  - name: ldap
    vaultPrefixes:
      - global
    fields:
      - name: bindPassword
        value: foobar
        onMissingValue: generate
        vaultPolicy: validatedPatternDefaultPolicy

which complains:

TASK [vault_utils : Loads secrets file into the vault of a cluster] ***************************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Secret has onMissingValue set to 'generate' but has a value set"}

Value is not missing, it should just ignore that generate field. Variable name "onMissingValue" would indicate it ignores this if value is set.

But altogether, the format of secrets file should be described in the doc. As of current, it doesn't have "value:" in example.

ikke-t, Jun 05 '23 13:06

I added https://github.com/hybrid-cloud-patterns/multicloud-gitops/pull/262 with a link to the specs. Maybe we should open up a dedicated section in the docs to cover for this in a more visible way?

mbaldessari, Jun 06 '23 07:06
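A pre-flight check for the conflict reported in this issue, as an added example that is not part of the thread or the project's code: it walks a list of secret entries shaped like the snippet above and flags any field that sets `onMissingValue: generate` together with a `value`, without ever echoing the secret itself. The function names, the sample entries other than `ldap`/`bindPassword`, and the rule that a null or absent `value` counts as unset are assumptions.

```python
# Added example, not the vault_utils implementation. It checks only the one
# rule visible in the error message quoted in the issue.

GENERATE = "generate"

# Constructed sample input: the first field is the one from the issue,
# the other two are made up for contrast.
SAMPLE_SECRETS = [
    {
        "name": "ldap",
        "vaultPrefixes": ["global"],
        "fields": [
            {"name": "bindPassword", "value": "foobar",
             "onMissingValue": GENERATE,
             "vaultPolicy": "validatedPatternDefaultPolicy"},
            {"name": "generatedOnly", "onMissingValue": GENERATE,
             "vaultPolicy": "validatedPatternDefaultPolicy"},
            {"name": "literalOnly", "value": "example-literal"},
        ],
    },
]


def find_generate_conflicts(secrets):
    """Return (secret name, field name) pairs that ask for a generated
    secret while also carrying a value."""
    conflicts = []
    for secret in secrets or []:
        for field in secret.get("fields") or []:
            if field.get("onMissingValue") != GENERATE:
                continue
            # Assumption: an absent or null value means "no value set".
            if field.get("value") is not None:
                conflicts.append((secret.get("name"), field.get("name")))
    return conflicts


def report(secrets):
    """Build human-readable findings. The value is deliberately left out
    so a CI log never contains the secret."""
    return [
        f"{secret}/{field}: onMissingValue is '{GENERATE}' but a value is "
        "set; remove one of the two"
        for secret, field in find_generate_conflicts(secrets)
    ]


if __name__ == "__main__":
    for line in report(SAMPLE_SECRETS):
        print(line)
```

Run against a parsed secrets file before the load step, this surfaces the conflict by secret and field name instead of a failed Ansible task.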