similar to the snyk/trivy image (see #59), the vault image was built on old assumptions;
however, different than those other ones, it's pretty much useless right now, since a Secret will never exist in the /kratix/input directory; this story is to fix that so people can actually use the image
also, similar to #57 , the vault image needs access to a configmap, and the current implementation relies on a configmap existing with a known name. a better approach would be to use volumeMounts and read it from the local filesystem.
Tasks
[x] image updated to find secrets in /kratix/output
[x] image no longer relies on k get configmap but rather on a file in the local system, to be populated via volumeMounts
kirederik
commented
1 month ago
similar to the snyk/trivy image (see #59), the vault image was built on old assumptions;
however, different than those other ones, it's pretty much useless right now, since a
Secretwill never exist in the/kratix/inputdirectory; this story is to fix that so people can actually use the imagealso, similar to #57 , the vault image needs access to a configmap, and the current implementation relies on a configmap existing with a known name. a better approach would be to use
volumeMountsand read it from the local filesystem.Tasks
/kratix/outputk get configmapbut rather on a file in the local system, to be populated viavolumeMounts