2 min read
We can read values from a ConfigMap as a volume but we can present them to a Pod as an environment variable
27/10/2022
Read more...1 min read
When running a ROSA cluster (OpenShift on AWS) we might need to get it's Identity provider (OIDC) for, for example, configure STS (IRSA). We can get it directly from the cluster reading the Authentication object
20/10/2022
Read more...3 min read
The External Secrets Operator can be configured to retrieve secrets from Vault, to demonstrate this we are going to use a test vault running on Kubernetes.
18/10/2022
Read more...3 min read
Openshift has some objects that doesn't exists on Kubernetes such as Project or Route. If we try to push one of these OpenShift objects into a vanilla Kubernetes we'll get an error:
$ kubectl apply -f route.yaml
error: resource mapping not found for name: "demo-route" namespace: "" from "route.yaml": no matches for kind "Route" in version "route.openshift.io/v1"
ensure CRDs are installed first
For CI/CD we might not need a fully features OpenShift cluster, just being able to push the objects might be enough, with the CRD generator we can create the needed CRDs to be able to create these OpenShift objects
17/10/2022
Read more...3 min read
When we are using an ExternalSecret the actual secret is stored elsewhere, being the External Secret Operator in charge of updating the Secret object with the datata if fetches from the SecretStore. What happens when the Secret is updated?
11/10/2022
Read more...