Skip to content

Commit 5dff175

Browse files
author
“barucoh”
committed
Adding support for Certificate items
1 parent c83aae6 commit 5dff175

File tree

9 files changed

+284
-57
lines changed

9 files changed

+284
-57
lines changed

.gitignore

+2
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,8 @@
44
*.dll
55
*.so
66
*.dylib
7+
.idea
8+
dist
79

810
# Test binary, built with `go test -c`
911
*.test

deployment/akeyless-csi-provider.yaml

+9-4
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,9 @@
11
apiVersion: v1
2+
kind: Namespace
3+
metadata:
4+
name: csi
5+
---
6+
apiVersion: v1
27
kind: ServiceAccount
38
metadata:
49
name: akeyless-csi-provider
@@ -51,10 +56,10 @@ spec:
5156
tolerations:
5257
containers:
5358
- name: provider-akeyless-installer
54-
image: akeyless/akeyless-csi-provider:latest
55-
imagePullPolicy: Always
59+
image: akeyless/akeyless-csi-drive-provider:latest
60+
imagePullPolicy: IfNotPresent
5661
args:
57-
- -endpoint=/provider/akeyless.sock
62+
- -endpoint=/provider/akeyless.sock
5863
resources:
5964
requests:
6065
cpu: 50m
@@ -90,4 +95,4 @@ spec:
9095
hostPath:
9196
path: "/etc/kubernetes/secrets-store-csi-providers"
9297
nodeSelector:
93-
beta.kubernetes.io/os: linux
98+
kubernetes.io/os: linux

examples/example.yaml

+63
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,63 @@
1+
apiVersion: secrets-store.csi.x-k8s.io/v1
2+
kind: SecretProviderClass
3+
metadata:
4+
name: nginx-deployment-csi-provider
5+
spec:
6+
provider: akeyless
7+
parameters:
8+
akeylessGatewayURL: "https://api.akeyless.io"
9+
akeylessAccessID: "<your access id>"
10+
akeylessAccessKey: "<your access key - NOT FOR PRODUCTION>"
11+
akeylessAccessType: "access_key"
12+
objects: |
13+
- secretPath: "/full/path/to/secret/item"
14+
fileName: "local-secret-filename"
15+
- secretPath: "/full/path/to/certificate/item"
16+
fileName: "local-certificate-filename"
17+
---
18+
kind: Service
19+
apiVersion: v1
20+
metadata:
21+
name: nginx-deployment
22+
labels:
23+
app: nginx
24+
spec:
25+
selector:
26+
app: nginx
27+
ports:
28+
- protocol: TCP
29+
port: 80
30+
targetPort: 80
31+
---
32+
apiVersion: apps/v1
33+
kind: Deployment
34+
metadata:
35+
name: nginx-deployment
36+
labels:
37+
app: nginx
38+
spec:
39+
replicas: 2
40+
selector:
41+
matchLabels:
42+
app: nginx
43+
template:
44+
metadata:
45+
labels:
46+
app: nginx
47+
spec:
48+
containers:
49+
- name: nginx-deployment
50+
image: nginx
51+
ports:
52+
- containerPort: 80
53+
volumeMounts:
54+
- name: secrets-store-inline
55+
mountPath: "/mnt/secrets-store"
56+
readOnly: true
57+
volumes:
58+
- name: secrets-store-inline
59+
csi:
60+
driver: secrets-store.csi.k8s.io
61+
readOnly: true
62+
volumeAttributes:
63+
secretProviderClass: "nginx-deployment-csi-provider"

go.mod

+25-20
Original file line numberDiff line numberDiff line change
@@ -1,40 +1,45 @@
11
module github.com/akeylesslabs/akeyless-csi-provider
22

3-
go 1.17
3+
go 1.21
4+
5+
toolchain go1.21.5
46

57
replace akeyless.io/akeyless-main-repo => ../akeyless-main-repo
68

79
require (
810
akeyless.io/akeyless-main-repo v0.0.0-00010101000000-000000000000
911
github.com/akeylesslabs/akeyless-go-cloud-id v0.3.4
10-
github.com/akeylesslabs/akeyless-go/v3 v3.2.3
11-
github.com/stretchr/testify v1.8.0
12-
google.golang.org/grpc v1.49.0
12+
github.com/akeylesslabs/akeyless-go/v3 v3.3.7
13+
github.com/stretchr/testify v1.8.4
14+
google.golang.org/grpc v1.58.3
1315
gopkg.in/yaml.v3 v3.0.1
14-
k8s.io/apimachinery v0.22.3
16+
k8s.io/apimachinery v0.28.1
1517
sigs.k8s.io/secrets-store-csi-driver v1.0.0
16-
1718
)
1819

1920
require (
20-
cloud.google.com/go/compute v1.10.0 // indirect
21-
github.com/aws/aws-sdk-go v1.41.13 // indirect
21+
cloud.google.com/go/compute v1.21.0 // indirect
22+
cloud.google.com/go/compute/metadata v0.2.3 // indirect
23+
github.com/aws/aws-sdk-go v1.44.332 // indirect
2224
github.com/davecgh/go-spew v1.1.1 // indirect
2325
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
24-
github.com/golang/protobuf v1.5.2 // indirect
25-
github.com/googleapis/enterprise-certificate-proxy v0.2.0 // indirect
26+
github.com/golang/protobuf v1.5.3 // indirect
27+
github.com/google/s2a-go v0.1.4 // indirect
28+
github.com/googleapis/enterprise-certificate-proxy v0.2.3 // indirect
2629
github.com/jmespath/go-jmespath v0.4.0 // indirect
27-
github.com/kr/pretty v0.3.0 // indirect
30+
github.com/kr/pretty v0.3.1 // indirect
2831
github.com/pmezard/go-difflib v1.0.0 // indirect
29-
github.com/rogpeppe/go-internal v1.8.0 // indirect
30-
go.opencensus.io v0.23.0 // indirect
31-
golang.org/x/net v0.2.0 // indirect
32-
golang.org/x/oauth2 v0.1.0 // indirect
33-
golang.org/x/sys v0.3.0 // indirect
34-
golang.org/x/text v0.4.0 // indirect
35-
google.golang.org/api v0.98.0 // indirect
32+
github.com/rogpeppe/go-internal v1.10.0 // indirect
33+
go.opencensus.io v0.24.0 // indirect
34+
golang.org/x/crypto v0.15.0 // indirect
35+
golang.org/x/net v0.18.0 // indirect
36+
golang.org/x/oauth2 v0.10.0 // indirect
37+
golang.org/x/sys v0.14.0 // indirect
38+
golang.org/x/text v0.14.0 // indirect
39+
google.golang.org/api v0.126.0 // indirect
3640
google.golang.org/appengine v1.6.7 // indirect
37-
google.golang.org/genproto v0.0.0-20220930163606-c98284e70a91 // indirect
38-
google.golang.org/protobuf v1.28.1 // indirect
41+
google.golang.org/genproto v0.0.0-20230711160842-782d3b101e98 // indirect
42+
google.golang.org/genproto/googleapis/rpc v0.0.0-20230711160842-782d3b101e98 // indirect
43+
google.golang.org/protobuf v1.31.0 // indirect
3944
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
4045
)

0 commit comments

Comments
 (0)