Secret in InitProvider is required but should be optional #456
Labels
bug
Something isn't working
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The Property IdentityProviderSpec.InitProvider.ClientSecretSecretRef
(see https://github.com/crossplane-contrib/provider-keycloak/blame/11f3432fc6cbf1f12168f6e3ba425f79ad0d5710/apis/oidc/v1alpha1/zz_identityprovider_types.go#L55-L57)
is a required field since updating upjet to to v1.4.0
(see https://github.com/crossplane/upjet/releases/tag/v1.4.0 -> Support for Secret References in spec.initProvider)
InitProvider properties are set if the value of the property should only be taken into account during creation and not during update
(see https://docs.crossplane.io/latest/concepts/managed-resources/#initprovider)
But from Keycloaks point of view the client secret of an OIDC IdentityProvider is NOT immutable.
It should be possible to set ClientSecretSecretRef via forProvider and skip setting it at the initProvider
Additional Notes:
forProvider defines the field "ClientSecretSecretRef" also as required.
Which leads to the situation that I have to specify both (initProvider and forProvider), which might run into the following issue: #299
ref: crossplane-contrib/provider-keycloak#113
The text was updated successfully, but these errors were encountered: