Version 1.0.0 / 2019-08-28

@ricoberger ricoberger released this 28 Aug 20:37
2d497ec

The Vault Secrets Operator creates Kubernetes secrets from Vault. The idea behind the Vault Secrets Operator is to manage secrets in Kubernetes using a secure GitOps-based workflow. The operator reads a Vault secret from the path defined in a CR and creates a Kubernetes secret from it.

  • The Operator uses the Token Auth Method to authenticate against Vault
  • The Operator supports the KV Secrets Engine - Version 1
  • To create a Kubernetes secret from Vault you can use a CR like the following:

    apiVersion: ricoberger.de/v1alpha1
    kind: VaultSecret
    metadata:
      # Name of the CR and the name of the Kubernetes secret to create
      name: example-vaultsecret
    spec:
      # Optional: A list of keys which should be included in the Kubernetes Secret. If omitted the Kubernetes Secret will contain all keys from the Vault secret
      keys:
        - foo
      # Path of the Vault secret
      path: secrets/example-vaultsecret
      # Type of the Kubernetes secret to create
      type: Opaque

  • Automatic build of a new Docker image and Helm chart on releases
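
The key-selection rule described in the CR comments, as an added example that is not the operator's own code: it shows that `keys` limits what is copied into the cluster and that the resulting Secret data is only base64-encoded, not encrypted. The types, the `BuildSecret` function, the sample Vault data and the fail-closed handling of a missing key are assumptions made for illustration.

```go
package main

import (
	"encoding/base64"
	"fmt"
)

// VaultSecretSpec mirrors the spec fields of the CR above (hypothetical type).
type VaultSecretSpec struct {
	Keys []string // optional allow-list of keys to copy
	Path string   // path of the Vault secret
	Type string   // type of the Kubernetes secret
}

// Secret is a minimal stand-in for a Kubernetes Secret manifest.
type Secret struct {
	Name string
	Type string
	Data map[string]string // base64-encoded values: an encoding, not encryption
}

// BuildSecret turns data read from a KV version 1 path into a Secret.
func BuildSecret(name string, spec VaultSecretSpec, vaultData map[string]string) (Secret, error) {
	keys := spec.Keys
	if len(keys) == 0 {
		// keys omitted: every key of the Vault secret ends up in the cluster
		for k := range vaultData {
			keys = append(keys, k)
		}
	}
	out := Secret{Name: name, Type: spec.Type, Data: map[string]string{}}
	for _, k := range keys {
		v, ok := vaultData[k]
		if !ok {
			// Assumption: fail closed when a listed key is absent in Vault
			return Secret{}, fmt.Errorf("key %q not found at %s", k, spec.Path)
		}
		out.Data[k] = base64.StdEncoding.EncodeToString([]byte(v))
	}
	return out, nil
}

func main() {
	// Constructed sample standing in for a read of secrets/example-vaultsecret.
	vault := map[string]string{"foo": "bar", "hello": "world"}
	spec := VaultSecretSpec{Keys: []string{"foo"}, Path: "secrets/example-vaultsecret", Type: "Opaque"}
	s, err := BuildSecret("example-vaultsecret", spec, vault)
	fmt.Println(s, err)
}
```

Listing only the keys a workload needs keeps the rest of the Vault secret out of the cluster's Secret store.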