-
Notifications
You must be signed in to change notification settings - Fork 60
Closed
Labels
bugSomething isn't workingSomething isn't working
Description
🔥 Bug Description
Secrets created by aspirate generating Helm charts causes output like this:
apiVersion: v1
kind: Secret
metadata:
annotations: {}
labels:
app: myapp
name: myapp
stringData:
ConnectionStrings__foo: <base64 encoded string removed>
type: Opaque
This causes extra code to be added to the consuming service to decode from base64. I guess that is a bug. I am assuming the intention is that the exact same code which runs under Aspire will run in K8s also. If not, you have to put in code like this:
var connectionString = builder.Configuration.GetConnectionString(connectionName);
if (Base64.IsValid(connectionString))
{
var data = Convert.FromBase64String(connectionString);
connectionString = System.Text.Encoding.UTF8.GetString(data);
}
🔍 Steps to Reproduce the Bug
- Create an .net Aspire project with has a connection string or secret
- Generate Helm charts (
aspirate generate --output-format helm) - Install the chart created
- See error from any service trying to read the connection string/secret as it will be base64 encoded
🧯 Possible Solution
A fix would be to emit yaml like this:
apiVersion: v1
kind: Secret
metadata:
annotations: {}
labels:
app: myapp
name: myapp
data:
ConnectionStrings__foo: <base64 encoded string removed>
type: Opaque
I understand it may undesirable to have a connection string or secrets in plain text as environment variables, but if you get onto the pod, you'd probably have a bigger problem to begin with.
It should be noted that the Helm chart from MS for SQL server uses data rather than stringData.
Reactions are currently unavailable
Metadata
Metadata
Assignees
Labels
bugSomething isn't workingSomething isn't working
Projects
Status
Done