Description
Hi!
Would it be possible to add existing secrets and extra objects (manifests) support for the helm chart?
Why Existing Secrets?
The sub-charts in the helm chart can already support existing secrets, you can designate it something like this via the values.yaml:
postgresql:
auth:
existingSecret: my-credentials
redis:
auth:
existingSecret: my-credentials
rabbitmq:
auth:
existingPasswordSecret: my-credentials
memcached:
auth:
existingPasswordSecret: my-credentials
For Zulip, I think this would mean allowing something like the below in the values.yaml:
zulip:
auth:
existingSecret: my-credentials
If the Zulip helm chart had this feature as well, users could use various available secret management solutions to generate and maintain the secret outside of the zulip chart.
Why Extra Objects?
This would allow increased flexibility with the helm chart, and can potentially be leveraged by secret management solutions to handle creating objects as necessary. A good example would be using this to generate an existing secret using AWS Secrets Manager:
extraObjects:
- apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
name: aws-zulip-credentials
namespace: zulip
spec:
provider: aws
parameters:
objects: |
- objectName: "zulip-credentials"
objectType: "secretsmanager"
secretObjects:
- secretName: my-credentials
type: Opaque
data:
- objectName: zulip-password
key: secret-key
If the feature makes sense, I wouldn't mind taking some time to create a PR and submit it to this repository.