Open
Description
Is your feature request related to a problem? Please describe.
We are trying to use instant updates for secrets. This feature uses a direct connection to the Vault nodes. Our Vault Enterprise nodes use certificates issued by our internal PKI, which means we need to trust the root and intermediate CAs in the Vault Secrets Operator deployment.
Describe the solution you'd like
In order to trust our internal PKI, we need to be able to add extra volumes and volumeMounts to the deployment through the values file, like this:
controller:
  extraVolumes:
    - name: ca-certificate-only
      configMap:
        name: internal-certbundle
        defaultMode: 0644
        optional: false
  extraVolumeMounts:
    - name: ca-certificate-only
      mountPath: /etc/ssl/certs/internal-certbundle
      subPath: internal-certbundle
      readOnly: true
These values should be appended to the volumes and volumeMounts in the deployment.yaml.
Describe alternatives you've considered
Using Let's Encrypt for the Vault nodes is not an option for us.
Additional context
N/A
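
A standalone check, added here as an example and not taken from the issue or from the operator's code base, that the PEM content of a bundle such as the `internal-certbundle` ConfigMap validates a Vault node certificate on its own, and that an empty or malformed bundle is reported rather than silently trusted. The helper names, the `vault.internal.example` hostname and the generated certificates are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// VerifyWithBundle validates leaf for dnsName against only the CAs in bundlePEM
// (the content of the mounted bundle file), ignoring the system trust store.
func VerifyWithBundle(bundlePEM []byte, leaf *x509.Certificate, dnsName string) error {
	pool := x509.NewCertPool()
	if !pool.AppendCertsFromPEM(bundlePEM) {
		return fmt.Errorf("bundle has no parsable PEM certificates")
	}
	_, err := leaf.Verify(x509.VerifyOptions{Roots: pool, DNSName: dnsName})
	return err
}

// issue returns a constructed cert, its key and its PEM; nil parent = self-signed root CA.
func issue(cn string, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey, []byte) {
	_, key, _ := ed25519.GenerateKey(rand.Reader) // fails only if rand.Reader fails
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject: pkix.Name{CommonName: cn}, BasicConstraintsValid: true,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	if parent == nil { // self-signed root CA
		tmpl.IsCA, tmpl.KeyUsage = true, x509.KeyUsageCertSign
		parent, parentKey = tmpl, key
	} else { // server certificate for the host named cn
		tmpl.DNSNames, tmpl.KeyUsage = []string{cn}, x509.KeyUsageDigitalSignature
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, key.Public(), parentKey)
	if err != nil {
		panic(err) // constructed inputs: a failure here is a programming error
	}
	cert, _ := x509.ParseCertificate(der) // der was produced just above
	return cert, key, pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
}

func main() {
	ca, caKey, caPEM := issue("Constructed Internal Root", nil, nil)
	leaf, _, _ := issue("vault.internal.example", ca, caKey)
	fmt.Println("verify:", VerifyWithBundle(caPEM, leaf, "vault.internal.example"))
}
```

If the Vault nodes do not send the intermediate certificate during the handshake, a bundle holding only the root fails this check, which is why the bundle needs both the root and the intermediate CAs.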