Since all jobs are Kubernetes jobs, even in the case of HTCondor (with an intermediate container to handle communication with the HPC cluster), the approach is the following:
In the case of file-based secrets, we can directly mount the secret in the file system. We can control the path, which for now by default can point to /etc/secrets. Keep in mind that this path can be changed later by the user.
In the case of environment variable based secrets, we can directly add them as environment variables.
diegodelemos
commented
5 years ago
Currently, we are storing user secrets as Kubernetes secrets. We need now to mount them so the jobs have access.
Since all jobs are Kubernetes jobs, even in the case of HTCondor (with an intermediate container to handle communication with the HPC cluster), the approach is the following:
/etc/secrets. Keep in mind that this path can be changed later by the user.