-
-
Notifications
You must be signed in to change notification settings - Fork 959
Open
Labels
@TheRealFloatDev
Description
Provide environment information
Not applicable
Describe the bug
According to the Kubernetes Documentation there are two ways to provide secrets.
- Hardcoding them like so:
secrets: enabled: true sessionSecret: "your-32-char-hex-secret-1" magicLinkSecret: "your-32-char-hex-secret-2" # ...
- Using a Kubernetes Secret like so:
# Recommended: existingSecret, must contain at least the following keys: # - SESSION_SECRET # - MAGIC_LINK_SECRET # - ENCRYPTION_KEY # - MANAGED_WORKER_SECRET # - OBJECT_STORE_ACCESS_KEY_ID # - OBJECT_STORE_SECRET_ACCESS_KEY secrets: enabled: false existingSecret: "your-existing-secret"
Sadly the second version is simply not working.
If you set the secret this way they are not recognized leaving you with a bunch of errors like this one (when starting the web app):
+ NODE_PATH=/triggerdotdev/node_modules/.pnpm/node_modules exec dumb-init node --max-old-space-size=8192 ./build/server.js
/triggerdotdev/node_modules/.pnpm/zod@3.25.76/node_modules/zod/v3/types.cjs:120
throw result.error;
^
ZodError: [
{
"code": "invalid_type",
"expected": "string",
"received": "undefined",
"path": [
"SESSION_SECRET"
],
"message": "Required"
},
{
"code": "invalid_type",
"expected": "string",
"received": "undefined",
"path": [
"MAGIC_LINK_SECRET"
],
"message": "Required"
},
{
"code": "invalid_type",
"expected": "string",
"received": "undefined",
"path": [
"ENCRYPTION_KEY"
],
"message": "Required"
}
]
Reproduction repo
https://trigger.dev/docs/self-hosting/kubernetes#custom-values
To reproduce
- Get yourself the example values.yaml from the docs
- set
secrets.enabletofalseto not use the hardcoded secrets - Create a secret and reference it in
secrets.existingSecret - Deploy the helm chart using your values file
- Encounter deployment issues due to seemingly missing secrets
Additional information
No response