Often secrets can be stored externally in a secret manager solution and used in Kubernetes via the Secret Store CSI driver. This requires creating an additional resource SecretClassProvider.
It would be great to be able to do that as part of deploying the mirrord-operator helm chart. So that the external secret that contains the operator's license can be created as a Kubernetes secret and made available to the app.
As an example, this is how cert-manager does it in their helm chart (1,2).
E.g.:
extraObjects:
- apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
name: mirrord-license-secret
spec:
provider: gcp
parameters:
secret: [...]This would allow to deploy mirrord-operator using just one chart without the need to create a wrapper chart or separate static manifests elsewhere to make the license data available.
Thanks
Often secrets can be stored externally in a secret manager solution and used in Kubernetes via the Secret Store CSI driver. This requires creating an additional resource
SecretClassProvider.It would be great to be able to do that as part of deploying the mirrord-operator helm chart. So that the external secret that contains the operator's license can be created as a Kubernetes secret and made available to the app.
As an example, this is how cert-manager does it in their helm chart (1,2).
E.g.:
This would allow to deploy mirrord-operator using just one chart without the need to create a wrapper chart or separate static manifests elsewhere to make the license data available.
Thanks