Skip to content

Support for Reading Secrets from Files via Mounted Volumes #534

New issue
New issue
Open
Open
Support for Reading Secrets from Files via Mounted Volumes#534
Assignees
ChrisJBurns
Labels
area/kubernetes/secret-managementIssues relating to ToolHive secret management inside of KuberneteskubernetesItems related to Kubernetesp2Low
@ChrisJBurns

Description

@ChrisJBurns
ChrisJBurns
opened on May 31, 2025

Injecting secrets into containers as environment variables is a common approach many take. However, it isn't the most secure due to increased change of leaking. We should support the ability to read secrets as files within ToolHive and the Operator. The underlying MCP servers would already have this as an option because we offer the podTemplateSpec override in the MCPServer CRD. But for ToolHive and the Operator itself, we should consider supporting it also.

As we do not need it for now, this can be a lower priority.

Metadata

Metadata

Assignees

Labels

area/kubernetes/secret-managementIssues relating to ToolHive secret management inside of KuberneteskubernetesItems related to Kubernetesp2Low

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions