Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Question: Why do we have to define the input parameters ? #49

Open
cmoulliard opened this issue Nov 7, 2024 · 2 comments
Open

Question: Why do we have to define the input parameters ? #49

cmoulliard opened this issue Nov 7, 2024 · 2 comments
Labels
question Further information is requested

Comments

@cmoulliard
Copy link

cmoulliard commented Nov 7, 2024
edited by jessebot
Loading

Question

Why do we have to define the input parameters instead of getting all the k=v pairs from the secret loaded ?

# Dummy example

  generators:
    - plugin:
        configMapRef:
          name: secret-var-plugin-generator
    # No input parameters is defined here as we would like to get all of them 
  template:
    metadata:
      name: github-app-secrets
    spec:
      destination:
        server: "https://kubernetes.default.svc"
        namespace: jobs
      source:
        repoURL: cnoe://manifests
        path: "."
        kustomize:
          patches:
            - target:
                kind: Job
                name: github-app-secrets
              patch: |-
                - op: add
                  path: /spec/template/spec/containers/0/env/-
                  value:
                    name: GITHUB_APP_ID 
                    value: '{{ .github_app_id | b64dec | trim }}'
                
                - op: add
                  path: /spec/template/spec/containers/0/env/-
                  value:
                    name: GITHUB_WEBHOOK_SECRET
                    value: '{{ .github_webhook_secret | b64dec | trim }}'
@jessebot
Copy link
Collaborator

jessebot commented Nov 8, 2024

This was to allow you to do a bit of namespacing on which parameters you get, even if you're using one instance of appset-secret-plugin for your whole cluster. In this repo, small-hack/argocd-apps you can see in my example of home-assistant I am grabbing only the parameters related to home assistant.

I'm quickly replying for heading out to work today, but what kind of solution would you be open to? Can you give me an example? (also thanks for all your other helpful Issues you've opened!)

@jessebot jessebot added the question Further information is requested label Nov 8, 2024
@cmoulliard
Copy link
Author

I'm quickly replying for heading out to work today, but what kind of solution would you be open to?

After playing a bit with the Argocd Secret Plugin successfully (see an example here), I'm inclined to think that we should keep the code as such as declaring the parameters par tof the YAML generator section better document what we want to do ;-)

Note: Instead of passing all the parameters (aka this ticket), we could perhaps think about to improve what we have and to pass as parameter the name of the secret from where such k=v are stored. Why ? To be able to create several secrets containing k=v used for different ApplicationSet

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cmoulliard @jessebot