TractusX Helm Chart: setting either the vault.azure.clientsecret _or_ vault.azure.certificate does not work

[paullatzelsperger]

Describe the bug

Setting the vault.azure.clientsecret value to authenticate against an Azure KevVault does not work, because it always gets overwritten by vault.azure.certificate.

The reason is that the respective environment variables (EDC_VAULT_CERTIFICATE and EDC_VAULT_CLIENTSECRET) are always set, even when vault.azure.certificate is not configured, and they have a default value of "" (empty string).

Then, the AzureVaultExtension checks if the certificate path is null, which it isn't (because it's ""), and tries to interpret the empty string as certificate path, which obviously fails.

Possible Implementation

setting the environment variables only if the respective Values exist:

# only set the env var if config value not null
{{- if .Values.vault.azure.secret }}
- name: "EDC_VAULT_CLIENTSECRET"
  value: {{ .Values.vault.azure.secret | quote }}
{{- end }}