search

eraser-dev / eraser

🧹 Cleaning up images from Kubernetes nodes
https://eraser-dev.github.io/eraser/
Apache License 2.0
497 stars 62 forks source link

[REQ] Support for extra volume mount in eraser pod #996

Closed jiashun0011 closed 2 months ago

jiashun0011 commented 7 months ago

What kind of request is this?

New feature

What is your request or suggestion?

When using eraser in private cloud, we may need mount extra certs to download trivy-db to ensure eraser scanner work as expected.

Currently, eraser pod's lifecycle is controlled by controller manager which means there is no workaround to mount the certs permanently for eraser pod.

Can you help provide some fields in controller_manager_config.yaml where we can define the certs to mount then you can mount them during eraser pod's creation?

Are you willing to submit PRs to contribute to this feature request?

ashnamehrotra commented 7 months ago

@jiashun0011 there are no fields within controller_manager_config.yamlcurrently that take in certificates. If you need to mount the certs during eraser pods creation, you would need to pass the value to the manager by creating a new field, and retrieve it in createImageJob function.