-
Notifications
You must be signed in to change notification settings - Fork 456
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Tenant is getting an empty string from env referencing a secret #2279
Comments
Operator v6 saves the environment variable to a configuration file on disk, but it only seems to support environment variables that are mapped explicitly to a value (source): func envVarsToFileContent(envVars []corev1.EnvVar) string {
content := ""
for _, env := range envVars {
content += fmt.Sprintf("export %s=\"%s\"\n", env.Name, env.Value)
}
return content
} It should also be able to resolve variables that are mapped using |
I think this needs a fix, because it breaks existing behavior where the environment variables were directly mapped into the pod (like in v5). I can imagine you want to hide some values in a secret... |
Yes, I would very much like to keep secrets a secret 😄 |
@EStork09 As a temporary workaround, you can also add |
After upgrading to 6.0.x, the tenant is no longer getting the environment value from the secret.
i.e.
shows up in the
/tmp/minio/config.env
asexport MINIO_IDENTITY_OPENID_CLIENT_SECRET_PRIMARY_IAM=""
Expected Behavior
export MINIO_IDENTITY_OPENID_CLIENT_SECRET_PRIMARY_IAM=""
should be a value and not an empty string.Current Behavior
export MINIO_IDENTITY_OPENID_CLIENT_SECRET_PRIMARY_IAM=""
is being set as an empty string.Possible Solution
I suppose I could look at putting the secret in the config file with the admin credentials, but I would rather keep that clean and just what is needed.
Steps to Reproduce (for bugs)
Context
My OIDC auth has failed because it is now passing an empty string as teh secret.
Regression
Yes? v6.0.x
Your Environment
minio-operator
): 6.0.2uname -a
):Linux rke2-worker-1 6.1.0-23-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.99-1 (2024-07-15) x86_64 GNU/Linux
The text was updated successfully, but these errors were encountered: