Issue injecting helm value on configmap

Question

can someone help? I am trying to inject a helm value on a config map, but it breaks the format. If I use the value directly instead of .Values, it works fine.

What I have:

data:
  application.instanceLabelKey: argocd.argoproj.io/instance
  oidc.config: |
    name: Okta
    issuer: https://mycompany.okta.com
    clientID: {{ .Values.okta.clientID }}
    clientSecret: {{ .Values.okta.clientSecret }}
    requestedScopes: ["openid", "profile", "email", "groups"]
    requestedIDTokenClaims: {"groups": {"essential": true}}

The result

data:
  application.instanceLabelKey: argocd.argoproj.io/instance
  oidc.config: "name: Okta\nissuer: https://mycompany.okta.com\nclientID: myClientId \nclientSecret:
    mySecret\nrequestedScopes: [\"openid\", \"profile\",
    \"email\", \"groups\"]\nrequestedIDTokenClaims: {\"groups\": {\"essential\": true}}\n"

Answer 1

it should be with the values.yaml . it worked for me in both ways :

1. using the values in values.yaml

---

Values.yaml:

okta:
  clientSecret: test1233
  clientID: testnew

configmap

apiVersion: v1
kind: ConfigMap
metadata:
  name: test-config
  namespace: default
  labels:
    app: test
data:
  application.instanceLabelKey: argocd.argoproj.io/instance
  oidc.config: |
    name: Okta
    issuer: https://mycompany.okta.com
    clientID: {{ .Values.okta.clientID }}
    clientSecret: {{ .Values.okta.clientSecret }}
    requestedScopes: ["openid", "profile", "email", "groups"]
    requestedIDTokenClaims: {"groups": {"essential": true}}

---

command used :

 helm install testchart .\mycharttest --dry-run

-----Output-------------------

# Source: mycharttest/templates/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: test-config
  namespace: default
  labels:
    app: test
    product: test
    db: test
data:
  application.instanceLabelKey: argocd.argoproj.io/instance
  oidc.config: |
    name: Okta
    issuer: https://mycompany.okta.com
    clientID: testnew
    clientSecret: test1233
    requestedScopes: ["openid", "profile", "email", "groups"]
    requestedIDTokenClaims: {"groups": {"essential": true}}

2. using the values in runtime

---

---Command --

 helm install test .\mycharttest --dry-run --set okta.clientID=newclientid --set okta.clientSecret=newsecret

----Output ---

# Source: mycharttest/templates/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: test-config
  namespace: default
  labels:
    app: test
    product: test
    db: test
data:
  application.instanceLabelKey: argocd.argoproj.io/instance
  oidc.config: |
    name: Okta
    issuer: https://mycompany.okta.com
    clientID: newclientid
    clientSecret: newsecret
    requestedScopes: ["openid", "profile", "email", "groups"]
    requestedIDTokenClaims: {"groups": {"essential": true}

kubernetes version : 1.22 Helm version : version.BuildInfo{Version:"v3.7.1", GitCommit:"1d11fcb5d3f3bf00dbe6fe31b8412839a96b3dc4", GitTreeState:"clean", GoVersion:"go1.16.9"}

Answer 2

The easy way store everything into the file and use it directly first

file oidc.config

name: Okta
issuer: https://mycompany.okta.com
clientID: clientID 
clientSecret: clientSecret
requestedScopes: ["openid", "profile", "email", "groups"]
requestedIDTokenClaims: {"groups": {"essential": true}}

helm

apiVersion: v1
kind: ConfigMap
metadata:
  name: {{ .Release.Name }}-configmap
data:
  {{- $files := .Files }}
  {{- range tuple "oidc.config" }}
  {{ . }}: |-
        {{ $files.Get . }}
  {{- end }}

Reference doc : https://helm.sh/docs/chart_template_guide/accessing_files/

Also checkout this similar answer : https://stackoverflow.com/a/56209432/5525824

Answer 3

After lots of tries, it worked when I skipped the a whitespace at the beginning

data:
  application.instanceLabelKey: argocd.argoproj.io/instance
  oidc.config: |
    name: Okta
    issuer: "https://mycompany.okta.com"
    clientID: {{- .Values.okta.clientId }}
    clientSecret: {{- .Values.okta.clientSecret }}
    requestedScopes: ["openid", "profile", "email", "groups"]
    requestedIDTokenClaims: {"groups": {"essential": true}}