helm-charts icon indicating copy to clipboard operation
helm-charts copied to clipboard
verified publisher icon temporalio

[Feature Request] Add the ability to set custom secret key for existing persistence secret

Open JoshVee opened this issue 3 years ago • 2 comments

Is your feature request related to a problem? Please describe.

The Helm chart currently defaults to a secret key password when using an existingSecret for persistence credentials. This does not work in all circumstances, for example the Bitnami Postgres chart creates a secret with postgresql-password.

Describe the solution you'd like

The chart could provide a dynamic value for the existingSecretKey and default to password if it's not set.

Additional context

Example error when using the Bitnami chart:

containerStatuses:
    - image: docker.io/temporalio/server:1.14.0
      imageID: ''
      lastState: {}
      name: temporal-worker
      ready: false
      restartCount: 0
      started: false
      state:
        waiting:
          message: >-
            couldn't find key password in Secret
            default/app-staging-postgres-postgresql
          reason: CreateContainerConfigError

JoshVee avatar Feb 08 '22 03:02 JoshVee

The secretKey is derived here:

https://github.com/temporalio/helm-charts/blob/master/templates/_helpers.tpl#L314

joebowbeer avatar Sep 19 '22 20:09 joebowbeer

I believe this could be solved by replacing this:

{{- print "password" -}}

With something like:

{{- $storeConfig.sql.secretKey -}}

kenske avatar Mar 02 '23 18:03 kenske