Open teancom opened 1 year ago
This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 5 days. Maintainers can add the exempt-stale
label.
Should things tagged feature-request
be automatically exempt-stale
as well? Or is this a way to automated-ly check in to see if the feature is still desired? (It is, btw).
This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 5 days. Maintainers can add the exempt-stale
label.
I continue to think this would be nifty.
This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 5 days. Maintainers can add the exempt-stale
label.
This would still be great
This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 5 days. Maintainers can add the exempt-stale
label.
This would still be super neat.
+1 You've been tenacious @teancom ;-) any way to upvote this feature request?
This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 5 days. Maintainers can add the exempt-stale
label.
Up VOTE up VOTE up VOTE!
Is your feature request related to a problem? Please describe. Our secrets are kept in an external secret keeper, and we use an init container to grab them and write them out on disk on container startup. There is no automated way to scrape those files and turn them into environment variables. When using fluentd, we can do the following:
But fluent-bit does not support either inline Ruby (of course) or the ability to point to a file and have the token read from it.
Describe the solution you'd like Two possible solutions spring to mind: ) auto-detect that the token starts with an
/
and treat it as a path (not a big fan of this) ) Add another config key likeSplunk_Token_Path
that can be used in place ofSplunk_Token
Describe alternatives you've considered @agup006 had the suggestion of using the
-debug
container, which contains a shell and would allow us to use a small script to grab the file, export it, and then start fluent-bit. However the debug containers are much larger than the non-debug, containing an entire linux distribution. And I would prefer not to change the Entrypoint of the container.Additional context We are trying to follow https://blog.forcesunseen.com/stop-storing-secrets-in-environment-variables in our approach to k8s secret keeping, which is why we don't have our secret-keeper automatically convert them to environment variables. Just for context as to why this is an issue in the first place.