Skip to content

Add apiToken handling to external-dns-raw template #2917

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
vaheed wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add apiToken handling to external-dns-raw template #2917

vaheed wants to merge 1 commit into from

Conversation

@vaheed
Copy link

@vaheed vaheed commented Feb 5, 2026

📌 Summary

Fixes a template bug in external-dns-raw.gotmpl where the Cloudflare provider references
.apiSecret, which is not defined in the Helm values schema. The correct field is .apiToken.

Why this is needed

When External-DNS is enabled with Cloudflare, otomi apply fails during Helm values rendering:
executing "stringTemplate" at <.apiSecret>: map has no entry for key "apiSecret"

Related issue

Fixes #2916

🔍 Reviewer Notes

🧹 Checklist

  • Code is readable, maintainable, and robust.
  • Unit tests added/updated

merll
merll reviewed Feb 9, 2026
View reviewed changes
values/external-dns/external-dns-raw.gotmpl
CF_API_TOKEN: "{{ . | b64enc }}"
{{- end }}
{{- with .apiSecret }}
{{- with .apiToken }}
Copy link
Contributor

@merll merll Feb 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
{{- with .apiToken }}
{{- with . | get "apiSecret" nil }}

merll
merll reviewed Feb 9, 2026
View reviewed changes
@merll
Copy link
Contributor

merll commented Feb 9, 2026

Thank you for the report @vaheed and for the PR. Both apiSecret and apiToken exist in the schema, for allowing for both authentication methods to CloudFlare supported by external-dns. Using one or the other value is used to determine which variables to set.

Of course the template rendering should not fail if either of the values is missing. My suggestions above should fix this issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@merll merll merll left review comments

@j-zimnowoda j-zimnowoda Awaiting requested review from j-zimnowoda j-zimnowoda is a code owner

@Ani1357 Ani1357 Awaiting requested review from Ani1357 Ani1357 is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

fix/external-dns-cloudflare-api-token

2 participants

@vaheed @merll