You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We would like the ability to retrieve the DSN from a separate secret. As it is all bundled into one secret, this isn't really possible if we are using an external secret for all Ory secret values. We aren't even able to override the environment variable when an external secret is defined. We define an external secret in the chart so that we can feed in our own values for the SECRET_* values.
Describe your ideal solution
The ability to specify a separate external secret for DSN would resolve this issue.
Workarounds or alternatives
The only way to workaround this (from what I can see) would be to let Ory create its own secret, but then we would lose control of being able to send in the other values.
Version
0.42.1
Additional Context
No response
The text was updated successfully, but these errors were encountered:
Hello there!
After some consideration, I think the current chart does support your use-case, even though it may require a slight workaround:
Using the chart values define the required secrets and a initial, fake DSN (basically set it to a foobar value)
Using the extraEnv inject into the pods a new DSN value which takes data from your pre-defined secret
The result should be that the DSN env overrides the config value and the application consumed your supplied DSN value, only defaulting to the foobar if the target secret is missing or not accessable.
Preflight checklist
Ory Network Project
No response
Describe your problem
We would like the ability to retrieve the DSN from a separate secret. As it is all bundled into one secret, this isn't really possible if we are using an external secret for all Ory secret values. We aren't even able to override the environment variable when an external secret is defined. We define an external secret in the chart so that we can feed in our own values for the SECRET_* values.
Describe your ideal solution
The ability to specify a separate external secret for DSN would resolve this issue.
Workarounds or alternatives
The only way to workaround this (from what I can see) would be to let Ory create its own secret, but then we would lose control of being able to send in the other values.
Version
0.42.1
Additional Context
No response
The text was updated successfully, but these errors were encountered: