I want to use TLS to connect this provider to our Kafka clusters, but it seems like the certificate must be configured in a Kubernetes secret. This is something I would like to avoid since Kubernetes secrets are considered less secure than alternatives. We are using a CSI driver to obtain ephemeral certificates which I would like to use.
What problem are you facing?
I want to use TLS to connect this provider to our Kafka clusters, but it seems like the certificate must be configured in a Kubernetes secret. This is something I would like to avoid since Kubernetes secrets are considered less secure than alternatives. We are using a CSI driver to obtain ephemeral certificates which I would like to use.
How could Crossplane help solve your problem?
Support for specifying a path within the provider pod for the client certificate in https://github.com/crossplane-contrib/provider-kafka/blob/main/internal/clients/kafka/config.go.