Summary
The user is looking for guidance on adding GCP Secret Manager as the external secret manager in Airbyte setup. They are unsure about the steps mentioned in the documentation and if two examples are different files that need to be installed with abctl commands.
Question
Hello!
I’ve recently setup a GCP VM and installed Airbyte using the <https://docs.airbyte.com/using-airbyte/getting-started/oss-quickstart|quickstart quide>. (Just testing things out for now)
I’m having trouble understanding what needs to be done to add GCP Secret Manager as the external secret manager. I found this https://docs.airbyte.com/deploying-airbyte/integrations/secrets|document but I’m not really sure what needs to be done here. Are the two examples two different files that need to be installed with the abctl commands?
If anyone can explain this a bit more clearly or can point me to more documentation that would be appreciated.
This topic has been created from a Slack thread to give it more visibility.
It will be on Read-Only mode here. Click here if you want
to access the original thread.
Join the conversation on Slack
["gcp-secret-manager", "external-secret-manager", "airbyte-setup", "abctl-commands", "documentation"]
Check out <Quickstart | Airbyte Documentation section> of the Quickstart page. They are files you need to add locally and then reference the values file during install. Not something I’ve done myself but I believe that is the relevant part of the guide.
Thanks <@U067J80PDV3>!
So if I’m understanding right the values.yaml file would look like this example in the docs.
secretsManager:
type: googleSecretManager
storageSecretName: gcp-cred-secrets
googleSecretManager:
projectId: <project-id>
credentialsSecretKey: gcp.json```
I'm not sure what to do with this other example found <https://docs.airbyte.com/deploying-airbyte/integrations/secrets|here> in the "Secrets" section. Would this also go in the values.yaml file?
```apiVersion: v1
kind: Secret
metadata:
name: airbyte-config-secrets
type: Opaque
stringData:
gcp.json: ## {
"type": "service_account",
"project_id": "cloud-proj",
"private_key_id": "2f3b9c8e7d5a1b4f23e697c0d84af6e1",
"private_key": "-----BEGIN PRIVATE KEY-----<REDACTED>\n-----END PRIVATE KEY-----\n",
"client_email": "<http://cloud-proj.iam.gserviceaccount.com|cloud-proj.iam.gserviceaccount.com>",
"client_id": "9876543210987654321",
"auth_uri": "<https://accounts.google.com/o/oauth2/auth>",
"token_uri": "<https://oauth2.googleapis.com/token>",
"auth_provider_x509_cert_url": "<https://www.googleapis.com/oauth2/v1/certs>",
"client_x509_cert_url": "<https://www.googleapis.com/robot/v1/metadata/x509/cloud-proj.iam.gserviceaccount.com>"
}```
Take a look at <https://docs.airbyte.com/deploying-airbyte/creating-secrets|this part> of the guide. It sounds like that should be in a separate file called secrets.yaml
.