Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Integration with helm-secrets #41

Closed
sstarcher opened this issue Mar 2, 2018 · 7 comments
Closed

Integration with helm-secrets #41

sstarcher opened this issue Mar 2, 2018 · 7 comments
Labels
enhancement

Comments

@sstarcher
Copy link
Contributor

I would be interested in getting helmfile integrated with the helm-secrets project. From looking at it, it might be possible to just change the helm binary that is called to the helm-secrets wrapper with a command line flag.

https://github.com/futuresimple/helm-secrets

How are others handling secrets?
@sstarcher sstarcher mentioned this issue Mar 2, 2018
Closed
@mumoshu
Copy link
Collaborator

mumoshu commented Mar 4, 2018

What a conincidence!
As I have already adapted to helm-secrets for secret management, I'm definitely interested in having an integration for that, too.

I'd like to have a more general or user-friendly way than adhocly implementing an unintuitive flag like --helm-binary-path=/path/to/helm-secrets-command to helmfile. I just don't feel that it is the right way.
Thoughts?

@sstarcher
Copy link
Contributor Author

@mumoshu make sense I'm currently getting a feel for using it. After I get it integrated in for my project I will likely have a better idea of the best way to integrate it.

@mumoshu
Copy link
Collaborator

mumoshu commented Mar 9, 2018

@sstarcher Hi, I have been thinking about this for several days.

Overall, which types of secrets are you willing to manage in your project's Git repository?

For me, it wans't only values.yaml but also kubeconfig containing keys and envvars used in our CI builds. So, I started working on a more universal version of helm-secrets command so that I don't need to use separate tools for various secrets. PTAL if it helps your use-case, too.

@sstarcher
Copy link
Contributor Author

I'm interested primarily in values files. We require separate user authentication so we stear away from a shared kubeconfig and CI holds it's environment variables instead of being in github.

I was thinking a possible integration would be

  - name: grafana
    namespace: default
    chart: stable/grafana
    version: 0.8.1
    values:
      - helm/grafana/values.yaml
    secrets:
      - helm/grafana/secrets.yaml

@mumoshu
Copy link
Collaborator

mumoshu commented Mar 9, 2018

@sstarcher Looks elegant and easy to implement while not introducing a tight-coupling to helm-secrets(it won't be called if you opted not to specify secrets:). Awesome 👍

@mumoshu
Copy link
Collaborator

mumoshu commented Mar 10, 2018

@sstarcher Do you have any bandwidth to send a PR for it?

@sstarcher
Copy link
Contributor Author

@mumoshu I could probably tackle it next week.

@sstarcher sstarcher mentioned this issue Mar 15, 2018
Merged
@aegershman aegershman mentioned this issue Jun 19, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mumoshu @sstarcher