From a5900f33db4c823a5b3ac11f45af8929ed80ad2e Mon Sep 17 00:00:00 2001 From: ubombar Date: Tue, 19 Mar 2024 18:03:48 +0100 Subject: [PATCH] Add maxmind secrets to the kustomize files --- config/crd/kustomization.yaml | 1 + config/crd/secrets/maxmind_secret.yaml | 11 +++++++++++ config/manager/manager.yaml | 5 +++++ 3 files changed, 17 insertions(+) create mode 100644 config/crd/secrets/maxmind_secret.yaml diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index 5429f81..e22842c 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -4,6 +4,7 @@ resources: # This creates problems! Find a better solution # - edgenet_system_namespace.yaml +- secrets/maxmind_secret.yaml - bases/multitenancy.edge-net.io_tenants.yaml - bases/multitenancy.edge-net.io_tenantresourcequotas.yaml #+kubebuilder:scaffold:crdkustomizeresource diff --git a/config/crd/secrets/maxmind_secret.yaml b/config/crd/secrets/maxmind_secret.yaml new file mode 100644 index 0000000..c8a1d5b --- /dev/null +++ b/config/crd/secrets/maxmind_secret.yaml @@ -0,0 +1,11 @@ +# https://kubernetes.io/docs/concepts/configuration/secret/ +apiVersion: v1 +kind: Secret +metadata: + name: maxmind-secret + namespace: edgenet-system +type: Opaque +data: + # Specify the maxmind accountid and the access token here in base64 encoding to enable nodelabeller. + maxmind_accountid: "" + maxmind_token: "" diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index e319273..8d6e8b6 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -76,6 +76,11 @@ spec: - --disabled-reconcilers="" image: controller name: manager + volumeMounts: + # Try to mount the secret where it is filled in the secrets/maxmind_secret.yaml + # The controller trys to read from the 1. args, 2. environment variables, 3. the secrets in this path. + - mountPath: "/var/run/secrets/edge-net.io/maxmind-secret" + name: "maxmind-secret" securityContext: allowPrivilegeEscalation: false capabilities: