You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
Right now, I need to pass in synthetics.privateLocationKey as a parameter to the helm chart (which then winds up as an environment variable in the StatefulSet.) I'm using ArgoCD to deploy and manage my helm deployments, and I'm using a Git repository to store my ArgoCD application manifests - this means I don't have any choice but to check my private location key into my Git repo in order for ArgoCD to deploy the helm chart. I don't feel like that's a good practice. (Additionally, the location key can be viewed in plaintext by describing the minion StatefulSet.)
Describe the solution you'd like
I would love it if we could pass in the name of a pre-created secret as the value for synthetics.privateLocationKey, instead of the key itself. The Helm chart could then refer to the secret's value and inject that into the pod's environment variables. That way, the key doesn't have to be checked into Git in order for ArgoCD to maintain helm deployments, and we can treat it like we would any other secret.
Describe alternatives you've considered
I can't think of a better way to obscure this secret so it doesn't wind up in the Git repo I use to manage ArgoCD. If there's a way to have the app manifest itself pull arguments from a secret, I haven't found it.
Additional context
For reference, this is what deploying a helm chart via ArgoCD is like:
Is your feature request related to a problem? Please describe.
Right now, I need to pass in
synthetics.privateLocationKey
as a parameter to the helm chart (which then winds up as an environment variable in the StatefulSet.) I'm using ArgoCD to deploy and manage my helm deployments, and I'm using a Git repository to store my ArgoCD application manifests - this means I don't have any choice but to check my private location key into my Git repo in order for ArgoCD to deploy the helm chart. I don't feel like that's a good practice. (Additionally, the location key can be viewed in plaintext by describing the minion StatefulSet.)Describe the solution you'd like
I would love it if we could pass in the name of a pre-created
secret
as the value forsynthetics.privateLocationKey
, instead of the key itself. The Helm chart could then refer to the secret's value and inject that into the pod's environment variables. That way, the key doesn't have to be checked into Git in order for ArgoCD to maintain helm deployments, and we can treat it like we would any other secret.Describe alternatives you've considered
I can't think of a better way to obscure this secret so it doesn't wind up in the Git repo I use to manage ArgoCD. If there's a way to have the app manifest itself pull arguments from a secret, I haven't found it.
Additional context
For reference, this is what deploying a helm chart via ArgoCD is like:
https://argoproj.github.io/argo-cd/user-guide/helm/
The text was updated successfully, but these errors were encountered: