No null check for DataNode env vars under Secret.data #68

@monrax

From: https://github.com/tigerpeng2001/graylog-helm/blob/main/evaluation.txt

Secret keys are base64-encoded, but empty values can still end up as null/empty in rendered YAML.

data:
  GRAYLOG_DATANODE_S3_CLIENT_DEFAULT_SECRET_KEY: {{ .Values.datanode.config.s3ClientDefaultSecretKey | b64enc }}
  GRAYLOG_DATANODE_S3_CLIENT_DEFAULT_ACCESS_KEY: {{ .Values.datanode.config.s3ClientDefaultAccessKey | b64enc }}

For this specific instance, this problem is avoided as the missing values become empty strings automatically. However, it is still good practice to only set environment variables if required, and if the corresponding value doesn't exist, at least quote it so that the env var is set to an empty string, instead of null. For example:

GRAYLOG_HTTP_TLS_KEY_PASSWORD: {{ .Values.graylog.config.tls.keyPassword | quote }}

How to reproduce?

Just install normally:

helm upgrade --install mongodb-kubernetes-operator mongodb-kubernetes \
  --repo https://mongodb.github.io/helm-charts --version "1.6.1" \
  --set operator.watchNamespace="*" --reuse-values \
  --namespace operators --create-namespace

helm install graylog graylog/graylog -n graylog --create-namespace

And decode the graylog-secrets-datanode secret:

kubectl get secret graylog-secrets-datanode -n graylog -o jsonpath='{.data}'  | jq 'map_values(@base64d)'

You should see the following output:

{
  "GRAYLOG_DATANODE_S3_CLIENT_DEFAULT_ACCESS_KEY": "",
  "GRAYLOG_DATANODE_S3_CLIENT_DEFAULT_SECRET_KEY": ""
}

Where the values have been automatically set as empty strings, even though they are not required.
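
The decode step above can be turned into a repeatable check that flags Secret keys whose values are null, empty, or not valid base64. This is an added example, not part of the original issue or the chart's code; the function name `audit_secret_data` and the `CONSTRUCTED_*` keys in the sample are assumptions made for illustration.

```python
import base64
import binascii
import json
import sys

# Constructed sample of a Secret's .data map: one empty value (as reported in
# the issue), one null, one valid base64 value, one raw unencoded value.
SAMPLE = json.dumps({
    "GRAYLOG_DATANODE_S3_CLIENT_DEFAULT_ACCESS_KEY": "",
    "GRAYLOG_DATANODE_S3_CLIENT_DEFAULT_SECRET_KEY": None,
    "CONSTRUCTED_SET_KEY": "ZXhhbXBsZQ==",
    "CONSTRUCTED_RAW_KEY": "not base64!",
})


def audit_secret_data(data_json: str) -> dict:
    """Return {key: problem} for every suspicious entry in a .data map."""
    data = json.loads(data_json)
    if not isinstance(data, dict):
        raise ValueError("expected a JSON object holding the Secret's .data")
    findings = {}
    for key, value in data.items():
        if value is None:
            findings[key] = "null"            # rendered as a bare `KEY:`
        elif not isinstance(value, str):
            findings[key] = "not-a-string"    # e.g. unquoted number or bool
        elif value == "":
            findings[key] = "empty"           # env var set, but to nothing
        else:
            try:
                base64.b64decode(value, validate=True)
            except (binascii.Error, ValueError):
                findings[key] = "invalid-base64"
    return findings


if __name__ == "__main__":
    # With piped input, audit it; otherwise fall back to the constructed sample.
    source = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    problems = audit_secret_data(source)
    for name, problem in sorted(problems.items()):
        print(f"{name}: {problem}")
    sys.exit(1 if problems else 0)
```

Piping the output of the `kubectl get secret ... -o jsonpath='{.data}'` command from the issue into the script (without the `jq` stage) audits the live secret and exits non-zero when any key is flagged.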


Labels: bug (Something isn't working)