kubernetes-monitor icon indicating copy to clipboard operation
kubernetes-monitor copied to clipboard

Published 20 hours ago verified publisher icon snyk

[🙏] Add optional secret to set dockercfg.json and integrationId

Open JorritSalverda opened this issue 2 years ago • 3 comments

Describe the user need

In order to avoid having to manually create a snyk-monitor secret with dockercfg.json and integrationId item it would be useful to have an optional secret for this in the Helm chart. Right now we have to create a secondary internal Helm chart to create this secret in an automated fashion.

Describe expected behaviour

The values could look something like the following:

secret:
  enable: false
  dockercfg: {}
  integrationID: ""

It would be nice if the values for dockercfg and dockercfg are readable and get base64 encoded by the secret template.

JorritSalverda avatar Aug 17 '21 15:08 JorritSalverda

Hey @JorritSalverda

Are you deploying the snyk-monitor in a non-default namespace? How does your current two-chart deployment process look like? I would imagine you would need to create the namespace in the first place automatically (otherwise you cannot deploy the chart) but I'm trying to understand why the secret cannot be created in a similar way, e.g. kubectl create namespace and kubectl create secret. Is this for an integration with a specific product e.g. ArgoCD?

ivanstanev avatar Aug 17 '21 15:08 ivanstanev

Hi @ivanstanev we're deploying snyk-monitor in namespace snyk-monitor.

We're using the helmfile tool to deploy multiple Helm charts into different namespaces for all of our clusters. The helmfile tool automatically creates the namespace for us, so we never use kubectl for rolling out our baseline tooling to 50+ GKE clusters.

There's now 2 charts we deploy to the snyk-monitor namespace, namely an internal one with the snyk-monitor secret and the snyk-charts/snyk-monitor chart that then uses that secret.

JorritSalverda avatar Aug 17 '21 15:08 JorritSalverda

Describe the user need

In order to avoid having to manually create a snyk-monitor secret with dockercfg.json and integrationId item it would be useful to have an optional secret for this in the Helm chart. Right now we have to create a secondary internal Helm chart to create this secret in an automated fashion.

Describe expected behaviour

The values could look something like the following:

secret:
  enable: false
  dockercfg: {}
  integrationID: ""

It would be nice if the values for dockercfg and dockercfg are readable and get base64 encoded by the secret template.

Jimimaku avatar Nov 27 '22 06:11 Jimimaku