19913d85-f662-4518-a9a1-7adc1793dfd4.png){kind=small}
Channels
#dagster-kubernetes
Title
# dagster-kubernetes
t
Ted Conbeer
06/29/2021, 4:52 PMI'm trying to keep secrets out of my
values.yml--set-file✅ 1
Values file (
helm-values-local.yml Copy code
global:
...
dagster-user-deployments:
enabled: true
deployments:
- ...
envSecrets:
- name: local-secret
runLauncher:
...
postgresql:
enabled: true
dagsterDaemon:
...
serviceAccount:
create: true
# We'll use the --set-file option at runtime to add secrets as an extraManifest to this chart
extraManifests: []file containing the extra manifests (
helm-secrets-local.yml Copy code
- apiVersion: v1
kind: Secret
metadata:
name: local-secret
type: Opaque
stringData:
AWS_ACCESS_KEY_ID: mysecretvaluehelm install command and error:
Copy code
helm upgrade \
--install dagster dagster/dagster \
--version $DAGSTER_VERSION \
--values ./helm-values-local.yml \
--set-file extraManifests=./secrets/helm-secrets-local.yml
Error: UPGRADE FAILED: template: dagster/templates/extra-manifests.yaml:1:17: executing "dagster/templates/extra-manifests.yaml" at <.Values.extraManifests>: range can't iterate over
- apiVersion: v1
kind: Secret
metadata:
name: local-secret
type: Opaque
stringData:
...(I've also tried adding the
extraManifests:helm-secrets-local.yml-This is the template: https://github.com/dagster-io/dagster/blob/master/helm/dagster/templates/extra-manifests.yaml
Any tips appreciated!
n
Noah K
06/29/2021, 5:04 PM@Ted Conbeer What you probably want is to use a second values file
Copy code
extraManifests:
- whateverHelm will merge all your
--valuest
Ted Conbeer
06/29/2021, 5:04 PMgot it, didn't realize that. let me try
n
Noah K
06/29/2021, 5:05 PM--set-filet
Ted Conbeer
06/29/2021, 5:05 PMoh, that makes sense
it worked. Thanks, Noah!
n
Noah K
06/29/2021, 5:08 PMJust remember for security modeling, it all ends up in the saved cluster-side manifest
(though at least those default to using Secrets these days)
t
Ted Conbeer
06/29/2021, 5:09 PMyep, this is just for a local (dev) cluster
6 Views