Watching for the existence of a completion file into a shared volume to mark that a worker container in the same pod has successfully completed.
In a short-lived job, the worker container might successfully complete but the vault-creds container will live forever so the job will too. Both the worker container and the vault-creds sidecar should mount the same empty directory – just before the worker finishes it should write a file to indicate it's finished and signalling the vault-creds sidecar to terminate. Should not affect long lived services using vault-creds.
Watching for the existence of a completion file into a shared volume to mark that a worker container in the same pod has successfully completed.
In a short-lived job, the worker container might successfully complete but the vault-creds container will live forever so the job will too. Both the worker container and the vault-creds sidecar should mount the same empty directory – just before the worker finishes it should write a file to indicate it's finished and signalling the vault-creds sidecar to terminate. Should not affect long lived services using vault-creds.
More info here: https://github.com/kubernetes/kubernetes/issues/25908