Open faisal-memon opened 2 months ago
We started with UDS to punt on the authentication problem. If it is moved to a different pod, we'd need to figure out how to authenticate the controller with SPIRE and authorize it as an admin.
I could see how that would be extremely difficult to solve, without some kind of hackish auth solution. :/
Would be nice to be able to run controller manager in its own Pod. This request came in as https://github.com/spiffe/helm-charts-hardened/issues/341 with the SPIRE helm charts. The linked ticket has some reasoning for the request.