redis.existingSecret doesn't take effect when redis.password is set to empty string

Question

redis.existingSecret doesn't take effect when redis.password is set to empty string

Closed this issue 3 years ago · 2 comments

Can't use an existingSecret for redis session storage in order to set OAUTH2_PROXY_REDIS_PASSWORD when the password has a empty string assigned.

Doesn't work:

# values.yaml
...
sessionStorage:
  type: redis
  redis:
    existingSecret: oauth2-proxy-redis-access
    password: ""
...

Works:

# values.yaml
...
sessionStorage:
  type: redis
  redis:
    existingSecret: oauth2-proxy-redis-access
    password: someValue
...

Fix suggestion:

# templates/deployment.yaml
...
        {{- if or .Values.sessionStorage.redis.password .Values.sessionStorage.redis.existingSecret }}
        - name: OAUTH2_PROXY_REDIS_PASSWORD
          valueFrom:
            secretKeyRef:
              name: {{ if .Values.sessionStorage.redis.existingSecret }} {{ .Values.sessionStorage.redis.existingSecret }}{{ else }} {{ template "oauth2-proxy.fullname" . }}-redis-access{{ end }}
              key: redis-password
        {{- end }}
...

Answer 1 · 2022-02-07T10:52:47.000Z

@coy2k could you please open a PR to propose your solution?

Answer 2 · 2022-02-15T21:26:04.000Z

I just discovered the same and was about to open an issue for my PR. I am using this issue instead.