secrets-provider-for-k8s icon indicating copy to clipboard operation
secrets-provider-for-k8s copied to clipboard

Published 20 hours ago verified publisher icon cyberark

Run in standalone mode

Open romanfurst opened this issue 9 months ago • 0 comments
trafficstars

Desired Outcome

The Conjur secret provider component can run as a standalone Kubernetes (K8s) deployment and periodically trigger the provisioning of Conjur secrets. Meanwhile, it reacts to every new or modified K8s secret and triggers provisioning only for that specific secret.

It would be good to introduce this feature along with https://github.com/cyberark/secrets-provider-for-k8s/pull/550

Implemented Changes

A new 'standalone' run mode is provided. The component periodically runs provisioning and updates target secrets. Additionally, a new HTTP server is exposed to handle registered Kubernetes (K8s) mutation webhooks. While provisioning runs automatically within the defined time period, the webhook ensures that every new or modified K8s secret is provisioned immediately.

Connected Issue/Story

DRAFT for:

https://github.com/cyberark/secrets-provider-for-k8s/issues/549

romanfurst avatar Feb 13 '25 20:02 romanfurst