This is CustomController of Kubernetes for berglas secret. You can use berglas in Kubernetes to use Custom Webhook. But, this is a bit invconvinience, because you should grant all ServiceAccount permission of Deployment. So, you should set ServiceAccount every time you create new service. This Berglas Secret Controller can change all berglas secret once you install this.
TODO
- build this repository
git clone https://github.com/kitagry/berglas-secret-controller
cd berglas-secret-controller
make- Create CRD in Kubernetes
make install- Run CustomController
make run- Create Custom Resource
Open new terminal window.
# Write ./config/samples/batch_v1alpha1_berglassecret.yaml by your favorite editor.
kubectl apply -f ./config/samples/batch_v1alpha1_berglassecret.yaml- Check the secret
kubectl get secret
kubectl describe secret <BeglasSecret name>