ArgoCD ignores every "enabled" in values.yaml file other than "global.enabled" when including Hashicorp Vault in ArgoCD

[denrobin]

Checklist:

• I've searched in the docs and FAQ for my answer: https://bit.ly/argocd-faq.
• I've included steps to reproduce the bug.
• I've pasted the output of argocd version.

Describe the bug

When I create an application in ArgoCD to manage my vault in Kubernetes and refer to my edited values.yaml file, it only recognizes global.enabled while ignoring every other enabled configuration.

To Reproduce

1. Install Hashicorp Vault into Kubernetes through helm.
2. Create a repository for Hashicorp Vault. Use the "App of Apps" pattern.
3. In the values.yaml file, set global.enabled to "false" and some of the enabled keys to "true" or vice versa.
4. Add Hashicorp Vault and its repository to ArgoCD.

Expected behavior

ArgoCD prioritizes the values of the "enabled" keys and only defaults to "global.enabled" if the value is "-".

Screenshots

There i configured "global.enabled" to true and "injector.enabled" to false.

This is the result of "global.enabled" to false and "server.enabled" to true

Version

helm version of vault: 0.29.1
ArgoCD: v2.12.1
helm in ArgoCD: v3.15.2
helm (Client): v3.16.3

[rumstead]

Without knowing the setup of your helm chart, it sounds like you have a parent chart with some subcharts. Eg, vault.server.enabled

https://helm.sh/docs/chart_template_guide/subcharts_and_globals/#overriding-values-from-a-parent-chart

if you perform a helm template with your overrides do you get the expected manifests?

[denrobin]

Without knowing the setup of your helm chart, it sounds like you have a parent chart with some subcharts. Eg, vault.server.enabled

https://helm.sh/docs/chart_template_guide/subcharts_and_globals/#overriding-values-from-a-parent-chart

if you perform a helm template with your overrides do you get the expected manifests?

I performed a helm template and got every object depicted in the first picture plus a server-test.yaml. This is different from my vault application present in kubernetes where eg. I disabled the injector agent.

As for subcharts, I created a basic chart in my repository that points to a second repo where the true helm chart is located.

This is the basic chart:

apiVersion: v2
name: vault
description: A Helm chart for deploying Vault
type: application
version: &version 0.29.1

dependencies:
  - name: vault
    version: *version
    repository: oci://<second repository>/helm/charts

The true helm chart is the one provided by hashicorp. I did not change anything in it, but I will still put it down here:

annotations:
  charts.openshift.io/name: HashiCorp Vault
apiVersion: v2
appVersion: 1.18.1
description: Official HashiCorp Vault Chart
home: https://www.vaultproject.io
icon: https://github.com/hashicorp/vault/raw/f22d202cde2018f9455dec755118a9b84586e082/Vault_PrimaryLogo_Black.png
keywords:
- vault
- security
- encryption
- secrets
- management
- automation
- infrastructure
kubeVersion: '>= 1.20.0-0'
name: vault
sources:
- https://github.com/hashicorp/vault
- https://github.com/hashicorp/vault-helm
- https://github.com/hashicorp/vault-k8s
- https://github.com/hashicorp/vault-csi-provider
version: 0.29.1

[rumstead]

Got it so you need to follow how to override subchart values - https://helm.sh/docs/chart_template_guide/subcharts_and_globals/#overriding-values-from-a-parent-chart.

To set a value in the subchart you would need to do vault.vault.<value>

[denrobin]

Got it so you need to follow how to override subchart values - https://helm.sh/docs/chart_template_guide/subcharts_and_globals/#overriding-values-from-a-parent-chart.

To set a value in the subchart you would need to do vault.vault.<value>

I solved the issue: I indented everything besides the "global" part by two spaces and put "vault:" at the top in the values.yaml file next to my basic chart.