luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

Clarify docs for CSI provider secretArgs (#12570)

This commit is contained in:
Andreas Gruhler 2021-10-22 17:27:24 +02:00 committed by GitHub
parent 83076bb58d
commit 8f6e4f1923
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
website/content/docs/platform/k8s/csi/configurations.mdx
View File

@ -75,6 +75,15 @@ The following parameters are supported by the Vault provider:
- `method` `(string: "GET")` - The type of HTTP request. Supported values include "GET" and "PUT".
- `secretPath` `(string: "")` - The path in Vault where the secret is located.
For secrets that are retrieved via HTTP GET method, the `secretPath` can include optional URI parameters,
for example, the [version of the KV2 secret](https://www.vaultproject.io/api/secret/kv/kv-v2#read-secret-version):
```yaml
objects: |
- objectName: "app-secret"
secretPath: "secret/data/test?version=1"
secretKey: "password"
```
- `secretKey` `(string: "")` - The key in the Vault secret to extract. If omitted, the whole response from Vault will be written as JSON.
@ -86,3 +95,7 @@ The following parameters are supported by the Vault provider:
common_name: 'test.example.com'
ttl: '24h'
```
~> `secretArgs` are sent as part of the HTTP request body. Therefore, they are only effective for HTTP PUT/POST requests, for instance,
the [request used to generate a new certificate](https://www.vaultproject.io/api/secret/pki#generate-certificate).
To supply additional parameters for secrets retrieved via HTTP GET, include optional URI paramters in [`secretPath`](#secretpath).