Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CSI: support getting Secrets from Variables or Vault #7978

Open
tgross opened this issue May 15, 2020 · 3 comments
Open

CSI: support getting Secrets from Variables or Vault #7978

tgross opened this issue May 15, 2020 · 3 comments
Labels
theme/storage theme/variables Variables feature theme/vault type/enhancement

Comments

@tgross
Copy link
Member

tgross commented May 15, 2020

In #7923 we added support for including secrets for volume registration, which are then passed along to plugin RPCs. If we could source these secrets from Vault, that would be even better.

cc @schmichael @dadgar
@tgross tgross added this to the unscheduled milestone Jul 9, 2020
@tgross tgross removed this from the unscheduled milestone Dec 8, 2020
@tgross tgross added this to Needs Roadmapping in Nomad - Community Issues Triage Feb 12, 2021
@tgross tgross removed this from Needs Roadmapping in Nomad - Community Issues Triage Mar 4, 2021
@ggriffiths ggriffiths mentioned this issue May 21, 2021
Closed
@tgross tgross added the theme/variables Variables feature label May 12, 2022
@tgross
Copy link
Member Author

tgross commented Sep 1, 2022

Alternately, now that we'll have Variables in Nomad 1.4.0, we could let users get secrets from there.

@tgross
Copy link
Member Author

tgross commented Sep 27, 2022

Note for implementation: one of the things we deliberately did with Task Access to Variables was to prefix the task variables path with nomad/jobs, leaving room for us to do something like nomad/volumes in the future. We could automatically grant claims access to secrets that match the volume name in the same way we've done with the tasks. You'd register the secrets at the time the volume is created/registered, and from there on out you wouldn't need to know about secrets. This is a much simpler solution than Vault access.

@tgross tgross changed the title CSI: support getting Secrets from Vault CSI: support getting Secrets from Variables or Vault Sep 27, 2022
@tgross tgross mentioned this issue Nov 21, 2022
Open
@tgross tgross mentioned this issue Apr 26, 2023
Closed
@leanst-daniel
Copy link

I need this :)

@tgross tgross mentioned this issue Aug 2, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
theme/storage theme/variables Variables feature theme/vault type/enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tgross @leanst-daniel