help request: Multi-auth plugin configuration with secretRef

[sdd-el]

Description

I have following multi-auth configuration:

spec:
  plugins:
    - config:
        auth_plugins:
          - jwt-auth: {}
          - ldap-auth-custom:
              base_dn: OU=xyz,DC=xyz01,DC=xyzcorp,DC=lan
              ldap_uri: ldap.xyz.com
              login_dn: >-
                CN=usser123,OU=SERVICES,OU=ACCOUNTS,OU=xyz,DC=xyz01,DC=xyzcorp,DC=lan
              login_password: 123456
              tls_verify: false
              uid: CN
              use_tls: false
      enable: true
      name: multi-auth

I would like to use secretRef for my custom plugin (ldap-auth-custom) to avoid having the login_password and login_dn written in plain text in the multi-auth plugin configuration and instead use Kubernetes secrets. While referencing secretRef works fine with a single plugin configuration, it seems to not work with the multi-auth plugin configuration.

Is the reason behind this that secretRef doesn’t allow nesting, or am I missing something? Is there any way to use Kubernetes secrets in the multi-auth plugin configuration?

Environment

• APISIX version (run apisix version): apisix version
• Operating system (run uname -a): 22.04.3-Ubuntu
• OpenResty / Nginx version (run openresty -V or nginx -V):
• etcd version, if relevant (run curl http://127.0.0.1:9090/v1/server_info):
• APISIX Dashboard version, if relevant:
• Plugin runner version, for issues related to plugin runners:
• LuaRocks version, for installation issues (run luarocks --version):