Helm chart deployment using GCP secret manager does not configure authentication properly

[zaibon]

The code configuring the authentication to GCP Secret Manager expects the configuration to have a path to a service account file. https://github.com/Archipelo/chainloop-contrib/blob/a039a641688f6a76b1e443751035841b77ac3f13/internal/credentials/gcp/secretmanager.go#L70

But the hem chart does not upload a file, but just the content of secretsBackend.gcpSecretManager.authKey from the values.yaml file.

chainloop/deployment/chainloop/templates/_helpers.tpl

Lines 82 to 85 in f6ec84d

	gcpSecretManager:
	secretPrefix: {{ required "secret prefix required" .secretPrefix | quote }}
	projectId: {{ required "project id required" .gcpSecretManager.projectId | quote }}
	authKey: {{ required "auth key required" .gcpSecretManager.authKey | quote }}

This could be fixed by mounting a k8s secret if the authKey is set and use the path mounted in the pod.

[migmartri]

Hi @zaibon, thanks for reporting the issue. As discussed here, what you pointed out is indeed a bug in the Helm Chart.

We are already looking into it and will target a fix on the next release of the chart. Thanks!