the current sealedsecret image uses kubectl to read a configmap with a known name to find out the certificate to use;
a better approach would to support reading the certificate from env or from a file within the local system; this would allow penny to use env or volumeMounts on her pipeline spec. This would also making reading the configmap with a known name redundant, so we can remove it.
tasks
[ ] support for getting the certificate via a environment variable
[ ] support for getting the certificate from a volumeMount
[ ] remove reading the configmap with a known name
the current sealedsecret image uses
kubectl
to read a configmap with a known name to find out the certificate to use;a better approach would to support reading the certificate from env or from a file within the local system; this would allow penny to use
env
orvolumeMounts
on her pipeline spec. This would also making reading the configmap with a known name redundant, so we can remove it.tasks