search

hashicorp / vault-k8s

First-class support for Vault and Kubernetes.
Mozilla Public License 2.0
786 stars 169 forks source link

supports to kubernetes.io/dockerconfigjson #160

Open ch0mik opened 4 years ago

ch0mik commented 4 years ago

this secret currently I stored into clean kubernetes, but I want to store it into Vault.

apiVersion: v1
kind: Secret
metadata:
  name: repocredentials
  namespace: myns
data:
  .dockerconfigjson: ewo--cut--9Cgl9Cn0K
type: kubernetes.io/dockerconfigjson

Is the possible store this type of secres into Vault ?

vijaymhaske commented 2 years ago

Hi @ch0mik - I am also facing the same issue. Did you figured out how to achieve this?

danielFlemstrom commented 1 year ago

Anyone got it working?
As I see it, the obvious way to do this should be the following (That does not work):

apiVersion: v1
kind: Secret
metadata:
  name: my-private-registry-pull-secret
  annotations:
    avp.kubernetes.io/path: "secret/data/myappsecrets"    # Vault Path
type: kubernetes.io/dockerconfigjson
data:
  .dockerconfigjson: MY_KEY_TO_REPO_AUTH               # Treat contents in Vault as docker config.

This should be one of the first issues you encounter when starting out with k8 and vault so I guess we are approaching it from the wrong direction, or are people happy with storing their repo keys in GIT ?