Issues with Auth/Encryption Secrets in Helm Charts Deployment

user-2 · March 4, 2024, 5:28pm

I believe I’m running into issues with auth/encryption secrets deployed using the helm charts. Somehow things are getting broken upon updating helm charts.
Some of the symptoms

Access tokens which I generated and set to never expire are being rejected by GMS after a deployment. Newly generated tokens work fine
Sometimes GMS starts rejecting frontend login requests. I have to kill both the GMS and frontend pods for this to resolve
Looking at the deployed secrets it doesn’t appear like they’re being changed, but is it recommended to just set them manually to avoid them accidentally changing? Anyone have similar issues?

user-2 · March 4, 2024, 5:28pm

Another similar error when trying to generate signup links as an admin. Login worked attachment

user-2 · March 4, 2024, 5:28pm

Just ran a deployment on our staging cluster and saw that the secrets changed before/after for datahub-auth-secrets

user-1 · March 4, 2024, 5:28pm

Hi Drew, can you share more on what updates you’re making to the helm charts?

user-2 · March 4, 2024, 5:28pm

Typically just configmap updates with new ingestion recipes. I think I mostly solved this issue by moving most of the secrets into our external secrets manager.

Topic		Replies	Views
Datahub Setup Issue with Secrets not Showing in UI and Graphql ui	1	12	June 24, 2024
Troubleshooting Frontend Log Access Issue with Helm Deployment all-things-deployment	4	44	March 4, 2024
Testing Stability of Helm Chart 0.4.0 for Release 0.13.0 all-things-deployment	2	64	March 13, 2024
Troubleshooting Pod Security Context in DataHub Helm Charts Deployment all-things-deployment	16	46	March 4, 2024
PRs for Helm Chart Updates and Approval Status all-things-deployment	3	60	March 4, 2024

Issues with Auth/Encryption Secrets in Helm Charts Deployment

Related topics