Kubernetes Credential Provider - Kilemonn/Secrets-Validator GitHub Wiki

The Kubernetes credential provider is used to read Kubernetes Secrets stored in different namespaces.

Configuration

The Kubernetes provider configuration requires the following properties to be defined in the YAML configuration file. The Kubernetes provider can be defined multiple times with differing properties to access different Secrets under different namespaces within the cluster.

namespace (required)

The Kubernetes namespace that the Secret resides under. This property is required. The default namespace in Kubernetes is named default.

secret-name (required)

The name of the Secret within the Kubernetes cluster under the configured namespace. All data elements within the Secret will be retrieved and validated against the constraints.

Example

Given the following Kubernetes Secret:

apiVersion: v1
kind: Secret
metadata:
  name: my-kubernetes-secret
type: Opaque
stringData:
  kubernetes-value1: wow-great-secret

We can add this whole Secret and all elements in its data to the validation by using the following definition (Kubernetes stores the stringData entries above under data):

credential-providers:
    - Kubernetes:
        namespace: default
        secret-name: my-kubernetes-secret
constraints:
    ...