fix(helm): address PR #447 reviewer feedback

Critical fix:
- deployment.yaml: Only reference OAuth credentials when clientId is set
- Fixes pod failure when using existingSecret without static OAuth creds
- Aligns deployment behavior with secret template logic

Previously, the deployment referenced OAuth credentials when either
clientId OR existingSecret was set. However, the secret template only
includes OAuth credentials when clientId is explicitly provided. This
caused pod failures when users provided an existingSecret for offline
access without static OAuth credentials (intending to use DCR).

The fix ensures OAuth env vars are only referenced when clientId is set,
matching the OAuth mode pattern and allowing DCR to work correctly with
existingSecret configurations.

Minor improvements:
- values.yaml: Clarify OAuth credentials are optional (uses DCR if not provided)

Testing verified all scenarios:
- Pass-through only (no offline access): No secrets/PVCs/OAuth vars
- Offline + DCR (no clientId): Secret with encryption key only, no OAuth vars
- Offline + static OAuth: Secret with all keys, OAuth vars present
- existingSecret without clientId: No auto secret, no OAuth vars (FIXED)

Resolves reviewer feedback from PR #447
Chris Coutinho
2025-12-22 21:34:40 +01:00
parent 9b5c6779e9
commit ea96a58678
2 changed files with 2 additions and 2 deletions
@@ -100,7 +100,7 @@ spec:
key: {{ .Values.auth.multiUserBasic.tokenEncryptionKeyKey }}
- name: NEXTCLOUD_OIDC_SCOPES
value: {{ .Values.auth.multiUserBasic.scopes | quote }}
{{- if or .Values.auth.multiUserBasic.clientId .Values.auth.multiUserBasic.existingSecret }}
{{- if .Values.auth.multiUserBasic.clientId }}
# Static OAuth credentials (optional - uses DCR if not provided)
- name: NEXTCLOUD_OIDC_CLIENT_ID
valueFrom:
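Review bot: The new guard `{{- if .Values.auth.multiUserBasic.clientId }}` makes the value of `clientId` in values.yaml the only switch for static OAuth credentials, so an operator who keeps the client ID and secret solely inside `existingSecret` and leaves `clientId` empty now gets no `NEXTCLOUD_OIDC_CLIENT_ID` variable and falls back to DCR without any error. If that deployment shape should stay supported, consider keeping the env entries for the `existingSecret` case and marking the secret reference under `valueFrom:` as `optional: true`, or add an explicit values flag for it; otherwise state next to this condition that `clientId` must be set even when the credentials live in `existingSecret`. The four scenarios listed in the commit message were verified by hand and only two files changed, so a template test for the existingSecret-without-clientId case would keep this from regressing.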
@@ -64,7 +64,7 @@ auth:
# Server optionally stores app passwords for background operations
multiUserBasic:
# Enable offline access (background operations using app passwords via Astrolabe)
# When enabled, requires token encryption key and OAuth client credentials
# When enabled, requires token encryption key. OAuth client credentials are optional (uses DCR if not provided)
enableOfflineAccess: false
# Token encryption key (required if enableOfflineAccess: true, ignored if existingSecret is set)
# Generate with: python -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())"
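Review bot: The rewritten comment above `enableOfflineAccess: false` says OAuth client credentials are optional but not how they interact with `existingSecret`, while the token encryption key comment two lines below spells that out ("ignored if existingSecret is set"). Add a sentence saying that static credentials are only used when `clientId` is set in values, including when the credentials come from `existingSecret`, and that DCR is used otherwise, so the fallback is a documented choice and not something an operator discovers later. The line is also long enough to be worth splitting into two comment lines.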