vault-secrets-operator icon indicating copy to clipboard operation
vault-secrets-operator copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

default VaultAuth is not generated for JWT-Auth

Open marc-aurel opened this issue 1 year ago • 0 comments

Describe the bug When enabled is set to "true" for "defaultAuthMethod" in the Helm values.yaml and method and mount are set to '"jwt" I expect a VaultAuth object to be created.

To Reproduce Steps to reproduce the behavior:

  1. Install Helm Chart application with the following values.yaml adaptations (these are the required values):
defaultAuthMethod:
  enabled: true
  method: jwt
  mount: jwt
  jwt:
    role: jwt-role
  1. either defaultAuthMethod/jwt/secretRef is set to an existing secret (in the operator namespace) or defaultAuthMethod/jwt/serviceAccount is set to an existing serviceaccount (in the operator namespace) If none is set "default" should be used as jwt/serviceAccount
  2. no VaultAuth object called "default" is created (like with VaultConnection)

Expected behavior If "defaultAuthMethod" is enabled in values.yaml I expect that a default VaultAuth object is created in the "vault" namespace where the operator is deployed. If I just set defaultAuthMethod/jwt/serviceAccount I also expect an serviceaccountToken-secret to be autocreated.

Environment

  • Kubernetes version: v1.26.14
  • vault-secrets-operator version: 0.6.0

marc-aurel avatar Apr 25 '24 15:04 marc-aurel