adminHash does not work as a secret

[larsenqec]

We are experiencing the issue described here running chart version 4.5.6

apache/couchdb#4590

When a pod restarts, the admin password hash is recalculated with a random salt and this seems to affect session cookies
when using the Fauxton UI.

The suggested resolution is to specify adminHash in the values, however according to the comments in values.yaml, this is not considered secure.

We attempted to define adminHash in our preconfigured secret which also contains adminPassword, but it seems that adminHash is not read from the secret. The statefulset.yaml template only reads adminHash from Values.

I am requesting that adminHash as a secret (like adminPassword) be implemented.

[larsenqec]

Update. I discovered that the statefulset.yaml template does indeed read adminHash from the kubernetes secret, however the values.yaml documentation is simply wrong. If you put ANY value for adminHash in your helm deployment, then it will read the value of adminHash from the secret. So, we have deployed with adminHash = true in Values while the full hash is in our secret.

The comments in values.yaml should be updated.

Suggestion values.yaml should be changed to have "adminHashFromSecret" as a true/false option. That would certainly clarify matters.