litmus Helm - Allow to disable password reset on first login for admin account if existingSecret is being used

Question

litmus Helm - Allow to disable password reset on first login for admin account if existingSecret is being used

gustavoromerobenitez opened this issue 6 months ago · 2 comments

gustavoromerobenitez commented 6 months ago

When litmus is deployed via the homonymous Helm chart, it is likely that the admin secret is pre-configured, for example via External Secrets.

The feature introduced by this PR makes password reset mandatory for the admin account, which means the external secret must be updated after its first login.

In an ideal situation, when the Helm chart variable existingSecret is set, the admin account should not be asked to reset its password. Other use cases would be non-production environments like sandboxing or test environments where security is not a concern.

Please allow making the aforementioned functionality optional, but defaulting to Enabled.
Thanks in advance.

Answer 1 · 2024-09-16T14:05:55.000Z

Hello @gustavoromerobenitez, I have the same problem because I want to preconfigure the admin password via gitops. Have you found a workaround?

Answer 2 · 2024-09-17T11:45:50.000Z

Hello @gustavoromerobenitez, I have the same problem because I want to preconfigure the admin password via Gitops. Have you found a workaround?

The only workaround I found was updating the source of the external secret (i.e: gcp secret manager secret) after resetting it via the UI. Seed the initial secret with a dummy value and then set the permanent one after resetting it via the ui. Another alternative is to use a version of Litmus Chaos that predates the PR mentioned above.