search

gomods / athens-charts

Helm charts for athens
https://gomods.github.io/athens-charts/
MIT License
10 stars 14 forks source link

Provide external SSH Keys #37

Closed mikhainin closed 1 year ago

mikhainin commented 1 year ago

We would like to use our external Secret Manager to provide SSH keys in the container. Currently, there doesn't seem to be a way to define where the keys should be mounted, we can only put them in the values.yaml which might be considered as not very secure.

E.g.

apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: ssh-secret
spec:
  secretStoreRef:
    kind: SecretStore
    name: vault-backend-secretstore
  target:
    name: ssh-keys
  data:
    - remoteRef:
        key: athens/ssh-keys
        property: teamcity-app
      secretKey: teamcity-app-id_rsa

This resource will create a secret "ssh-keys" which we can mount in the container