New RunLLM response generated: >>>*# Question* Hi everyone! 👋 I’m working on setting up a Flyte deployment using helm charts and need to configure OIDC secrets and S3 keys using environment variables instead of including them in the helm values.yaml file. Does anyone have experience or recommendations for achieving this? Any tips, examples, or references to existing documentation would be greatly appreciated! Thanks in advance for your help! 🙏 # Answer To configure OIDC secrets and S3 keys using environment variables in a Flyte deployment with Helm charts, you can leverage Kubernetes secrets. According to this GitHub pull request, you can create Kubernetes secrets and reference them in your

values.yaml

file. This approach allows you to avoid hardcoding sensitive information directly in the

values.yaml

file. 1. Create Kubernetes Secrets: Use

kubectl

to create secrets for your OIDC and S3 credentials. For example:

kubectl create secret generic flyte-secrets --from-literal=oidc_client_secret=<OIDC_SECRET> --from-literal=s3_access_key=<S3_ACCESS_KEY> --from-literal=s3_secret_key=<S3_SECRET_KEY>

2. Reference Secrets in Helm: In your

values.yaml

, reference these secrets using

env

and

secretKeyRef

to inject them as environment variables:

configuration:
     auth:
       clientSecretsExternalSecretRef: flyte-secrets
     storage:
       stow:
         config:
           access_key_id: 
             valueFrom:
               secretKeyRef:
                 name: flyte-secrets
                 key: s3_access_key
           secret_key: 
             valueFrom:
               secretKeyRef:
                 name: flyte-secrets
                 key: s3_secret_key

Would you like more detailed guidance on any specific part of this process? Sources: - GitHub Pull Request on Flyte Secrets Slack Link https://flyte.slack.com/archives/CP2HDHKE1/p1732806916.615999 👍 0 button 👎 0 button 💡 Hint: Mention @runllm in the thread for followups.