Closed bjrb20 closed 2 years ago
Could you push an alpine base image version?
Then you could support more complex commands like this:
grpcurl -plaintext \ -H "Authorization: Bearer $$(cat /var/run/secrets/tokens/vault-token)" \ localhost:80 \ example.v1.Service/Func
This works with a common auth pattern on kubernetes where auth tokens are mounted into a volume on a pod.
apiVersion: v1 kind: Pod metadata: name: nginx spec: containers: - image: nginx name: nginx volumeMounts: - mountPath: /var/run/secrets/tokens name: vault-token serviceAccountName: build-robot volumes: - name: vault-token projected: sources: - serviceAccountToken: path: vault-token expirationSeconds: 7200 audience: vault
seems reasonable to me
dragonsinth
commented
2 years ago dragonsinth
commented
2 years ago
Could you push an alpine base image version?
Then you could support more complex commands like this:
This works with a common auth pattern on kubernetes where auth tokens are mounted into a volume on a pod.