Open
Description
As I want my files to have a proper name with regard to the container specifications, I want to set an alias on some secrets. But when I do so, stakater/reloader doesn't trigger any rolling update at all anymore on my replicaset.
FYI, I just need to remove the `objectAlias` line, and stakater will work properly... but the file will be created with a name the contained application doesn't recognize.
Here is what I do:
```yaml
apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
  name: azure-kvname
spec:
  provider: azure
  parameters:
    useVMManagedIdentity: "true"
    userAssignedIdentityID: XXXXXXXXXXXXXXX
    keyvaultName: XXXXXXXXXXXXXXXXX
    objects: |
      array:
        - |
          objectName: ThisIsACertificate
          objectAlias: SslCertificate.pfx
          objectType: cert
    tenantID: XXXXXXXXXXXXXXXX
  secretObjects:
    - data:
        - key: certificat
          objectName: ThisIsACertificate
      secretName: test-secrets
      type: Opaque
```

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: test-azure-key-vault
  labels:
    app: test-azure-key-vault
  annotations:
    secret.reloader.stakater.com/reload: "test-secrets"
spec:
  replicas: 3
  selector:
    matchLabels:
      app.kubernetes.io/name: myApp
  template:
    metadata:
      labels:
        app.kubernetes.io/name: myApp
    spec:
      containers:
        - name: XXXXXXXXXXXXXXXXXXX
          image: XXXXXXXXXXXXXXXXXXXXX
          ports:
            - containerPort: 80
          volumeMounts:
            - name: secrets-store01-inline
              mountPath: XXXXXXXXXXXXXXXXXXXXX
              readOnly: true
      volumes:
        - name: secrets-store01-inline
          csi:
            driver: secrets-store.csi.k8s.io
            readOnly: true
            volumeAttributes:
              secretProviderClass: azure-kvname
```