charts
charts copied to clipboard
[vikunja] Configuration may contain secrets, stored as configmap
Helm chart name
vikunja
Helm chart version
5.5.3
Container name
vikunja/api
Container tag
0.17.1
Description
Vikunja configuration can contain several secrets (JWT, OpenID secrets, etc) but is stored as a ConfigMap.
Most settings can be sourced from the environment instead, but not the authentication configuration.
Expected result
Secret values should be in secrets
Helm values to reproduce
vikunja:
config: |-
auth:
openid:
providers:
- name: Foo
clientsecret: secret-is-in-the-name
Additional Information
No response
Repo link
No response
And while we're at it, please update to version 0.18.2 :)
This issue has been automatically marked as stale because it has not had recent activity. It will be closed in two weeks if no further activity occurs. Thank you for your contributions.
/unstale
is there any way to get a human to notice these bugs before the robot does? This is a security issue..
I will switch to the truecharts version as it seems to be better maintained generally, with a volume for assets already configured: https://truecharts.org/docs/charts/stable/vikunja/#source-code
Whelp #1761