Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Injecting secrets into specific containers #311

Closed
dmitrytretyakov opened this issue Jan 13, 2022 · 2 comments
Closed

Injecting secrets into specific containers #311

dmitrytretyakov opened this issue Jan 13, 2022 · 2 comments
Labels
enhancement New feature or request

Comments

@dmitrytretyakov
Copy link

Is your feature request related to a problem? Please describe.
For now, the agent injects secrets into all containers.
As we use Vault for sensitive data it's not good to share secrets between all of the containers in the pod.
For example, I don't want to share admin creds from DB to monitoring tools (e.g. prometheus-exporter)
It increases the chance to compromise a system

Describe the solution you'd like
It would be nice to have a way to limit the list of containers in which are required to be injected.
Via adding annotation for this feature

@dmitrytretyakov dmitrytretyakov added the enhancement New feature or request label Jan 13, 2022
@tvoran
Copy link
Member

tvoran commented Jan 14, 2022

Hi @dmitrytretyakov thanks for raising the issue! Is this similar to #236? There's also a proposed PR solution for it in #245.

@dmitrytretyakov
Copy link
Author

Hi, @tvoran !
yes, that's what we need
Subscribed for PR, thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

2 participants