Open v0lkan opened 1 year ago
Well, this is a twisted setup since only a workload can fetch variables from Aegis safe.
So for this PoC to work, we’ll need a workload that has access to a set of secrets.
Let’s say we have this template file
grafana: replicaCount: 2 image: pullSecrets: - registrycredentials config: grafanaIniConfigMap: grafana-ini useGrafanaIniFile: true extraEnvVars: env: - name: GF_SECURITY_ADMIN_PASSWORD value: "{{GF_SECURITY_ADMIN_PASSWORD}}" - name: GF_PATHS_PLUGINS value: "{{GF_PATH_PLUGINS}}"
then the variable values will be read from what Aegis Safe provides and will be replaced accordingly.
A command would be
tplsub -t ./grafana-tpl.yaml -o ./grafana-prod.yaml
or somewhere along those lines.
Well, this is a twisted setup since only a workload can fetch variables from Aegis safe.
So for this PoC to work, we’ll need a workload that has access to a set of secrets.
Let’s say we have this template file
then the variable values will be read from what Aegis Safe provides and will be replaced accordingly.
A command would be
or somewhere along those lines.