hydra-maester
hydra-maester copied to clipboard
ory
Allow to set multiple client ids/secrets in a same K8s secret
Preflight checklist
- [x] I could not find a solution in the existing issues, docs, nor discussions.
- [x] I agree to follow this project's Code of Conduct.
- [x] I have read and am following this repository's Contribution Guidelines.
- [x] I have joined the Ory Community Slack.
- [ ] I am signed up to the Ory Security Patch Newsletter.
Ory Network Project
No response
Describe your problem
In a specific context, I want to be able to define client_id_key and client_secret_key per client definition. Currently, it's only possible to define a env var to override the key for all clients.
Describe your ideal solution
Add clientIdKey and clientSecretKey in Oauth2Client spec
---
apiVersion: hydra.ory.sh/v1alpha1
kind: OAuth2Client
metadata:
name: my-client-1
spec:
secretName: my-secret
clientIdKey: client-id-2
clientSecretKey: client-secret-2
...
---
apiVersion: hydra.ory.sh/v1alpha1
kind: OAuth2Client
metadata:
name: my-client-2
spec:
secretName: my-secret
clientIdKey: client-id-2
clientSecretKey: client-secret-2
...
Workarounds or alternatives
I made a loop in my chart to load secrets
{{- range $clientName, $clientConfig := .Values.oauth2client.clients }}
- name: {{ $clientConfig.clientIdEnvVarName }}
valueFrom:
secretKeyRef:
name: {{ $clientName }}-oauth2client-secret
key: CLIENT_ID
- name: {{ $clientConfig.clientSecretEnvVarName }}
valueFrom:
secretKeyRef:
name: {{ $clientName }}-oauth2client-secret
key: CLIENT_SECRET
{{- end }}
WDYT to do the following:
envFrom:
- secretRef:
name: my-secret
Version
0.0.36
Additional Context
No response
