fix(deployment): hmac secret fix (#80)

Signed-off-by: Miguel Martinez Trivino <[email protected]>

Author: migmartri

deployment/chainloop/Chart.yaml

@@ -3,7 +3,7 @@ name: chainloop
 description: Chainloop is an open source software supply chain control plane, a single source of truth for artifacts plus a declarative attestation crafting process.
 
 type: application
-version: 1.0.4
+version: 1.0.5
 appVersion: v0.8.98
 
 dependencies:

deployment/chainloop/templates/controlplane/config.secret.yaml

@@ -35,9 +35,9 @@ stringData:
         {{- end }}
 
       # HMAC key used to sign the JWTs generated by the controlplane
-      # NOTE: We are base64 encoding the value but can't remove it because it's quoted too by the helper
-      # TODO: Make sure we inject the pass here verbatim
-      generated_jws_hmac_secret: {{ $hmacpass }}
+      # The helper returns the base64 quoted value of the secret
+      # We need to remove the quotes and then decoding it so it's compatible with the stringData stanza
+      generated_jws_hmac_secret: {{ $hmacpass | replace "\"" "" | b64dec | quote }}
 
       # Private key used to sign the JWTs meant to be consumed by the CAS
       cas_robot_account_private_key_path: "/tmp/cas.private.key"