Skip to content
This repository has been archived by the owner on Jun 4, 2024. It is now read-only.

Helm: Improve compatibility with Machine ID #986

Merged
merged 8 commits into from
Dec 27, 2023
Merged

Helm: Improve compatibility with Machine ID #986

merged 8 commits into from
Dec 27, 2023

Conversation

strideynet
Copy link
Contributor

@strideynet strideynet commented Dec 15, 2023
edited
Loading

Closes #985

No longer use subPath when mounting the identity file secret

To use Machine ID with plugins, the identity file changes regularly. The use of subPath prevents this (from the k8s docs):

Note: A container using a Secret as a subPath volume mount does not receive automated Secret updates.

Enable credential watching by default

Provides refresh_identity by default to the configuration for plugins. There shouldn't be any adverse affects if Machine ID isn't being used.

@strideynet strideynet changed the title Helm: No longer use subPath when mounting secrets Helm: Improve compatibility with Machine ID Dec 20, 2023
@strideynet strideynet marked this pull request as ready for review December 20, 2023 12:13
@strideynet
Copy link
Contributor Author

I've tested the Discord access plugin locally with both Machine ID and an old style secret containing a one-off identity file as described by the docs.

@strideynet strideynet enabled auto-merge (squash) December 27, 2023 14:52
@strideynet strideynet merged commit d29f14c into master Dec 27, 2023
13 checks passed
@strideynet strideynet deleted the strideynet/machine-id-helm-chart branch December 27, 2023 14:56
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@hugoShaka hugoShaka hugoShaka approved these changes

@zmb3 zmb3 zmb3 approved these changes

@tigrato tigrato tigrato approved these changes

@klizhentas klizhentas Awaiting requested review from klizhentas klizhentas is a code owner

@russjones russjones Awaiting requested review from russjones russjones is a code owner

@r0mant r0mant Awaiting requested review from r0mant r0mant is a code owner

@Joerger Joerger Awaiting requested review from Joerger Joerger is a code owner

@tcsc tcsc Awaiting requested review from tcsc tcsc is a code owner

@camscale camscale Awaiting requested review from camscale camscale is a code owner

@fheinecke fheinecke Awaiting requested review from fheinecke fheinecke is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Use of subPath when mounting Teleport identity secret in access plugins helm charts breaks reload
4 participants
@strideynet @tigrato @zmb3 @hugoShaka