Version 1.2.1 / 2019-09-07
Add support for nested secret values (#9, #10):
The Vault Secrets Operator supports nested secret values now. Therefor the operator checks the type for all returned keys from Vault and do not try to always use string
as the type for the value. If the Vault secret contains nested values, the operator use the corresponding JSON string for the Kubernetes secret.
Example:
Create a file called values.json
with the following content:
{
"values.yaml": {
"postgres": {
"user:" "admin",
"secret": "password"
}
"web": {
"initialPassword": "password"
}
}
}
Then create a Vault secret from this file run:
cat values.json | vault kv put kv2/nested-secret -
When the Vault secret was created, create the corresponding CR:
cat <<EOF | kubectl apply -f -
apiVersion: ricoberger.de/v1alpha1
kind: VaultSecret
metadata:
name: nested-secret
spec:
path: kv2/nested-secret
secretEngine: kv2
type: Opaque
EOF