Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

helm chart secrets are not correctly reapplied if one of the secret keys contains an empty string #14981

Open
1 task done
cstruck opened this issue Nov 6, 2024 · 1 comment · May be fixed by #14983
Open
1 task done

helm chart secrets are not correctly reapplied if one of the secret keys contains an empty string #14981

cstruck opened this issue Nov 6, 2024 · 1 comment · May be fixed by #14983
Labels
bug Something isn't working

Comments

@cstruck
Copy link

cstruck commented Nov 6, 2024
edited
Loading

Checklist

  • I have searched budibase discussions and github issues to check if my issue already exists

Hosting

  • Self
    • Method: k8s(helm)
    • Budibase Version: 2.33.2
    • Chart Version: 3.0.216

Describe the bug
When the helm chart is upgraded or synced and there is an existing secret that has an empty string for one or more of the keys, the keys with the empty strings are removed from that secret

but since the empty string is a valid base64 encoded value for the empty string this will cause budibase to crash since the environment variable is now missing

To Reproduce
Steps to reproduce the behavior:

  1. create a secret with one of the data keys as the empty string "" e.g apiEncryptionKey
  2. upgrade the chart to a newer version or sync the state from the chart back to the cluster
  3. wait
  4. the budibase app will crash because of a missing env variable like apiEncryptionKey

Expected behavior
keys will not be removed from the existing secret

Additional context
this happens because inside the charts/budibase/templates/secrets.yaml the secret is read and reapplied from a lookup variable and not quoted before readding
@cstruck cstruck added the bug Something isn't working label Nov 6, 2024
@linear Linear
Copy link

linear bot commented Nov 6, 2024

BUDI-8824 helm chart secrets are not correctly reapplied if one of the secret keys contains an empty string

@cstruck cstruck linked a pull request Nov 6, 2024 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix helm chart secret to correctly reapply the existing secret cstruck/budibase
1 participant
@cstruck