Auth - Secret Name #261

bally-singh · 2021-08-12T13:59:58Z

bally-singh
Aug 12, 2021

Hi Team!

Hope you can help with this one... so I created the auth.yaml file:

username: "testuser"
password: "password123"

ran the following command:

kubectl create secret generic connaisseursecret --from-file auth.yaml

I updated the values.yaml:

#cert: | # in case the trust data host is using a selfsigned certificate
# -----BEGIN CERTIFICATE-----
# ...
# -----END CERTIFICATE-----
auth: # credentials in case the trust data requires authentication
# # either (preferred solution)
secret_name: connaisseursecret # reference a k8s secret in the form required by the validator type (check the docs)
# # or (only for notaryv1 validator)
# username: myuser
# password: mypass

but when I run:

helm install connaisseur helm --atomic --create-namespace --namespace connaisseur

I get the error message:

Error: release connaisseur failed, and has been uninstalled due to atomic being set: timed out waiting for the condition

What is the correct formatting for the values.yaml?

Answered by xopham

Aug 12, 2021

Hey @bally-singh 👋 what you are doing looks correct to me on first sight. The secret_name must be indented however:

#cert: | # in case the trust data host is using a selfsigned certificate
# -----BEGIN CERTIFICATE-----
# ...
# -----END CERTIFICATE-----
auth: # credentials in case the trust data requires authentication
# # either (preferred solution)
  secret_name: connaisseursecret # reference a k8s secret in the form required by the validator type (check the docs)
# # or (only for notaryv1 validator)
# username: myuser
# password: mypass

In case, that is only a copy-paste issue, my second best guess would be that you might have created the secret in another namespace other than the conna…

View full answer

xopham · 2021-08-12T17:55:02Z

xopham
Aug 12, 2021
Maintainer

Hey @bally-singh 👋 what you are doing looks correct to me on first sight. The secret_name must be indented however:

#cert: | # in case the trust data host is using a selfsigned certificate
# -----BEGIN CERTIFICATE-----
# ...
# -----END CERTIFICATE-----
auth: # credentials in case the trust data requires authentication
# # either (preferred solution)
  secret_name: connaisseursecret # reference a k8s secret in the form required by the validator type (check the docs)
# # or (only for notaryv1 validator)
# username: myuser
# password: mypass

In case, that is only a copy-paste issue, my second best guess would be that you might have created the secret in another namespace other than the connaisseur namespace in which case Connaisseur cannot access it. Is that possible? I think we should make this transparent in the docs in any case 🤔

If that does not solve your problem: what do you get, when doing connaisseur-deployment-<your pod ID> while connaisseur tries to install. That might help to further debug

1 reply

bally-singh Aug 12, 2021
Author

Thanks xopham... namespace for the secret 😄

kubectl create secret generic connaisseursecret --from-file auth.yaml --namespace connaisseur

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Auth - Secret Name #261

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Replies: 1 comment 1 reply

{{title}}

{{title}}

Select a reply

Auth - Secret Name #261

bally-singh Aug 12, 2021

Replies: 1 comment · 1 reply

xopham Aug 12, 2021 Maintainer

bally-singh Aug 12, 2021 Author

bally-singh
Aug 12, 2021

Replies: 1 comment 1 reply

xopham
Aug 12, 2021
Maintainer

bally-singh Aug 12, 2021
Author