Skip to content

fix(eso): remove external secrets key collisions #212

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
agaetep merged 2 commits into from
Dec 22, 2025
Merged

fix(eso): remove external secrets key collisions #212

agaetep merged 2 commits into from
Dec 22, 2025
+1 −21

Conversation

@agaetep
Copy link
Contributor

@agaetep agaetep commented Dec 22, 2025

Now that we have support for the tags service-pcc: enabled and the passwordless client was renamed, we no longer need the chart to be fixed here. This PR removes that and allows tofu to be the chart's source of truth until the shared helm chart handles it.

@agaetep
remove external secrets key collisions
1aff04a 
Signed-off-by: Antonia Gaete <agaete@linuxfoundation.org>
Copilot AI review requested due to automatic review settings December 22, 2025 18:13
@agaetep agaetep requested a review from jordane as a code owner December 22, 2025 18:13
github-actions[bot]
github-actions bot reviewed Dec 22, 2025
View reviewed changes
Copy link

@github-actions github-actions bot left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Conventional Commits FTW!

@coderabbitai
Copy link

coderabbitai bot commented Dec 22, 2025
edited
Loading

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Walkthrough

Removed the dataFrom array from the externalSecrets block in the Helm values file, replacing the previous detailed dataFrom entries (multiple extract and find definitions with rewrites) with an empty list.

Changes

Cohort / File(s) Summary
Helm configuration
charts/lfx-v2-ui/values.yaml		 Replaced the previously populated externalSecrets.dataFrom block (which contained multiple extract and find secret query entries with key rewrites) with an empty dataFrom: []. Other externalSecrets fields (provider, target, etc.) were left unchanged.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

  • Verify that removed dataFrom secret queries are not required or have been migrated elsewhere.
  • Confirm no runtime/service expectations rely on the previously provided Auth0 and pcc secret entries.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
Check name Status Explanation
Title check ✅ Passed The PR title clearly describes the main change: removing external secrets key collisions from the externalSecrets configuration in the values.yaml file.
Description check ✅ Passed The PR description directly relates to the changeset, explaining the rationale for removing chart-specific fixes to external secrets configuration and the underlying reasons for the change.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch agaete/external-secrets
📜 Recent review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

  • Jira integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 1aff04a and 33cd6ff.

📒 Files selected for processing (1)
  • charts/lfx-v2-ui/values.yaml
🚧 Files skipped from review as they are similar to previous changes (1)
  • charts/lfx-v2-ui/values.yaml

Comment @coderabbitai help to get the list of available commands and usage tips.

@agaetep agaetep changed the title remove external secrets key collisions fix(eso): remove external secrets key collisions Dec 22, 2025
Copilot AI reviewed Dec 22, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR removes the workaround configuration for Auth0 external secrets key collisions from the Helm chart values. With the passwordless client renamed and support for the service-pcc: enabled tag now available, the configuration can be managed through Tofu/Terraform instead of being hard-coded in the chart's values.yaml file.

  • Removes the dataFrom section containing Auth0 client secret extraction and rewriting rules
  • Eliminates hard-coded references to LFX_ONE and LFX_ONE_Passwordless Auth0 clients
  • Removes the service: "pcc" tag-based secret finder with conflict policy

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@agaetep
Update charts/lfx-v2-ui/values.yaml
33cd6ff 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Antonia Gaete <82597086+agaetep@users.noreply.github.com>
@agaetep agaetep merged commit 9430bb6 into main Dec 22, 2025
6 checks passed
@agaetep agaetep deleted the agaete/external-secrets branch December 22, 2025 20:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

Copilot code review Copilot Copilot left review comments

@AlanSherman AlanSherman AlanSherman approved these changes

@jordane jordane Awaiting requested review from jordane jordane is a code owner

@andrest50 andrest50 Awaiting requested review from andrest50

@asithade asithade Awaiting requested review from asithade

@dealako dealako Awaiting requested review from dealako

@mauriciozanettisalomao mauriciozanettisalomao Awaiting requested review from mauriciozanettisalomao

Assignees

@agaetep agaetep

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@agaetep @AlanSherman