Default values for secrets in values.yaml is not safe

[jimmykarily]

The way secrets are being handled in this helm chart is not optimal and can lead to security holes. One might decide to provide a values.yaml file during deployment overriding the default keys (like this one: https://github.com/concourse/concourse-chart/blob/master/values.yaml#L1962) but if the chart at some point changes the name of the key, the override will do nothing an the deployment will happen with the default keys, which could be a security problem for public facing instances. No default private key or password should ever be in the default values.yaml file otherwise one would have to go through the whole file before every deployment or upgrade to make sure no default was added that should be overriden.

A better approach would be to run a job that generates all the needed secrets if they are not already there. Let me know what you think.

[taylorsilva]

Hey @jimmykarily apologies for the late response. I agree with your reasoning. It does feel wrong to leave hard-coded secrets as defaults and the fact that helm won't tell you you typed a key wrong are good reasons to not leave defaults for any secrets.

A job sounds like a good place to generate the necessary secrets. Is this something you'd be interested in helping us build out?

[jimmykarily]

Thanks for your reply @taylorsilva. Let me see if I can craft a PR for this, later this week or the next one.

[jimmykarily]

I haven't found the time to work on this yet, sorry. If anyone else wants to try this feel free. I will keep it in my backlog but I have no ETA.

[jimmykarily]

PR is here: https://github.com/concourse/concourse-chart/pull/128 feel free to comment!