leverage file temaplates with k8s-secret targets #552
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Desired Outcome
File templates can be used the same way for k8s_secrets as it is used in push-to-file configuration. Templates in secret annotation are rendered and store in target k8s secret. The Secret key can then be mounted as a file into the container's filesystem.
Implemented Changes
Template processing functionality has been refactored - common code has been extracted from the pushtofile package into a new shared package. This allows template processing to be used in both scenarios: when processing file templates in the k8s_secrets target mode and push-to-file mode. When target secret is processed, both conjur-map and temaplates/groups are processed and rendered.
Connected Issue/Story
DRAFT for:
#549