Mike Kantzer

To do that, I'd need to generate the secret from outside the helm chart. Which would be perfectly fine, except that the helm chart still generates the object, and the...

Well, as currently implemented, and with `.Values.agentInjector.certificate.method: helm`, it's not; The "regenerate" flag just tells it if it should use newly-generated values, or use the existing ones in the secret...

What you're saying doesn't work: - the chart sources the data from whatever secret is named `{{ .Values.agentInjector.secret.name }}` - the chart creates a secret named `{{ .Values.agentInjector.secret.name }}` There...

Also, directly using a provided secret would be helpful when the certificates are generated by some other cluster action, and the values should be updated outside of the `helm apply`...

@thallgren Just opened https://github.com/telepresenceio/telepresence/pull/3618 for it. I'm not sure if you have a process for testing the charts, but I'm pretty sure this should cover it?