Right now, the logic in proxy-scanner chart is as follows:
- always create a secret
- if
skipCert is set to false, then add data to this secret
This logic is broken, because of 3 reasons:
- deployment of chart will always create a resource, even if does not contain any data (or overwrite existing secret)
- it forces to key in plain text (
certs.serverKey)
- name of the secret is fixed (
{{ .Values.name }}-certs)
Instead, it should work like in lacework-agent, where it is possible to provide name of existing secret (https://github.com/lacework/helm-charts/blob/main/lacework-agent/templates/daemonset.yaml#L61)
Right now, the logic in proxy-scanner chart is as follows:
skipCertis set tofalse, then add data to this secretThis logic is broken, because of 3 reasons:
certs.serverKey){{ .Values.name }}-certs)Instead, it should work like in
lacework-agent, where it is possible to provide name of existing secret (https://github.com/lacework/helm-charts/blob/main/lacework-agent/templates/daemonset.yaml#L61)