hashicorp
Default vaultauthglobal in helm chart
Is your feature request related to a problem? Please describe. Currently, there is no ability to manage a default VaultAuthGlobal configuration that can be used across all Kubernetes namespaces.
Describe the solution you'd like As a consumer of this chart, it would be beneficial to manage a default VaultAuthGlobal configuration in a manner similar to defaultVaultConnection and defaultAuthMethod. This would allow consumers of the Vault Secrets Operator (VSO) to create custom VaultAuth configurations in their namespaces, only needing to specify their unique roles.
Describe alternatives you've considered An alternative approach is to create and manage the VaultAuthGlobal configuration using a Terraform resource outside of the VSO Helm chart. Since the VaultAuthGlobal crd is scoped namespace it cannot be used across all namespace so this only helps if you have multiple custom VaultAuths in each namespace.
Additional context NA
Since this request hasn't received any attention I am assuming that this is either not possible or I am thinking about this resource in the wrong way.
We bumped into this, seems not clear how to manage that resource inside the Chart, if it's even possible as is (since I don't see any resource of type VaultAuthGlobal in the templates of the chart).
Right. The only thing you can do is to specify a reference to an existing VaultAuthGlobal resource via defaultAuthMethod.vaultAuthGlobalRef which IMHO doesn't make any sense if you're installing the Helm chart for the first time and VSO CRDs do not yet exist and therefore a VaultAuthGlobal cannot exist as well.
This confused me as well. Currently enabling the default ref requires an upgrade after deploying a VaultAuthGlobal resource.
