search

ricoberger / vault-secrets-operator

Create Kubernetes secrets from Vault for a secure GitOps based workflow.
MIT License
633 stars 103 forks source link

feat: vault client can read a different service account token path #219

Closed abrahamjoc closed 1 year ago

abrahamjoc commented 1 year ago

This PR allows to read a different service account token that can have permissions to auth with vault for getting vault token, but it doesn't have permissions to create a secret in the Kubernetes cluster.

Key Changes:

  1. Token Path Flexibility: Implementation of functionality that allows the Vault client to read service account tokens from customized paths.
  2. Documentation Update: Modifications in charts/README.md to explain how to set up this new option.
  3. Code Adjustments: Update in vault/vault.go to support this flexibility in the token path.

Benefits:

ricoberger commented 1 year ago

Hi @abrahamjoc, lgtm thanks for your contribution 🙂