Cert-manager: New Feature: Support Vault Kubernetes auth backend

Created on 10 Jun 2018 · 10Comments · Source: jetstack/cert-manager

/kind feature

New Feature Request:
Support Vault's Kubernetes auth backend. Currently all I can find is information on using AppRole for authentication to the Vault API.

I would like to use the Kubernetes auth backend that provides Vault authentication using the pod's service account token instead.

If this is something others are interested in I'm open to working on it and taking suggestions.

arevault help wanted kinfeature prioritimportant-longterm

Source

kunickiaj

👍8

Most helpful comment

This would be a really great feature

rblaine95 on 13 Nov 2018

👍10

All 10 comments

So I've actually put together a patch, and just trying to tie up the e2e tests. This requires that the VaultInitializer have a method that configures the kubernetes auth backend which requires at a minimum: the master url and CA cert.

Anyone happen to know what the right way to get these in there are? Opening a pull request for context, until I can get that part figured out.

kunickiaj on 11 Jun 2018

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Send feedback to jetstack.
/lifecycle stale

retest-bot on 9 Sep 2018

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
If this issue is safe to close now please do so with /close.
Send feedback to jetstack.
/lifecycle rotten
/remove-lifecycle stale