LDAP AD Integration fails using GitLab Operator on Openshift

Hi, I’m trying to integrate AD into GitLab (CE edition) running on Openshift 4.9 but hitting an error that indicates my GitLab CRD might be wrong but I can’t work out why.

The error is:

oc logs gitlab-toolbox-54599d8f9c-t2q2t
Begin parsing .erb templates from /var/opt/gitlab/templates
Writing /srv/gitlab/config/cable.yml
Writing /srv/gitlab/config/database.yml
Writing /srv/gitlab/config/gitlab.yml
/var/opt/gitlab/templates/gitlab.yml.erb:115:in `read': No such file or directory @ rb_sysopen - /etc/gitlab/ldap/main/password (Errno::ENOENT)
        from /var/opt/gitlab/templates/gitlab.yml.erb:115:in `<main>'
        from /usr/lib/ruby/2.7.0/erb.rb:905:in `eval'
        from /usr/lib/ruby/2.7.0/erb.rb:905:in `result'
        from /usr/lib/ruby/2.7.0/erb.rb:890:in `run'
        from /usr/bin/erb:154:in `run'
        from /usr/bin/erb:175:in `<main>'

Under the spec.chart.values section of my gitlab.yaml definition, I have

global:
  appConfig:
    ldap:
      enabled: false
      prevent_ldap_sign_in: false
      servers:
        main:
          active_directory: true
          base: OU=Users,OU=Local Objects,DC=somewhere,DC=com
          bind_dn: CN=sa_gitlab,OU=Service Accounts,OU=Local Objects,DC=somewhere,DC=com
          encryption: plain
          host: domctl.somewhere.com
          label: Active Directory
          lowercase_usernames: true
          password:
            key: bind_password
            secret: gitlab-ldap-bind-secret
          port: 389
          uid: sAMAccountName
          user_filter: (memberof:1.2.840.113556.1.4.1941:=CN=GitLab,OU=Security,OU=Groups,OU=Local
            Objects,DC=somewhere,DC=com)
          verify_certificates: false
  edition: ce

If I change the password section to simply a plain value, the parse complains that is needs the secret and key name.

oc get secret gitlab-ldap-bind-secret
NAME                      TYPE     DATA   AGE
gitlab-ldap-bind-secret   Opaque   1      4d18h

What am I missing please?