Hacker News
by thinkmassive 1517 days ago
External secrets are great, especially if your app can read them directly from k8s and avoid ever having them mounted as a volume (or in an env var).

If your app can’t interface directly w/k8s, but it can read secrets from a file, you can use a small init program to fetch the k8s secret and write it to a named pipe. This is advantageous compared to mounting as a volume, because the pipe disappears after both ends close their connection to it.
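
The named-pipe hand-off described in the comment above, as an added example that is not part of the original comment. The function names, the file name `db-password` and the secret value are assumptions, and the fetch from the Kubernetes API is replaced by a constructed value so the block runs offline; a thread plays the application.

```python
import os
import stat
import tempfile
import threading

def create_fifo(path: str) -> None:
    """Create the named pipe, readable and writable by the owner only."""
    os.mkfifo(path, 0o600)  # raises FileExistsError if something is already there
    os.chmod(path, 0o600)   # enforce the mode regardless of the process umask

def write_secret_once(path: str, secret: bytes) -> None:
    """Hand the secret to the first reader, then remove the pipe's name."""
    fd = os.open(path, os.O_WRONLY)  # blocks until the app opens the read end
    try:
        if not stat.S_ISFIFO(os.fstat(fd).st_mode):
            raise RuntimeError(f"{path} is not a FIFO; refusing to write")
        view = memoryview(secret)
        while view:  # os.write may accept only part of the buffer
            view = view[os.write(fd, view):]
    finally:
        os.close(fd)
        os.unlink(path)  # the name stays in the directory until it is unlinked

def demo() -> dict:
    """Run both ends in one process and report what each side observed."""
    secret = b"constructed-example-value\n"  # constructed; stands in for the fetched secret
    workdir = tempfile.mkdtemp()
    path = os.path.join(workdir, "db-password")  # hypothetical file the app is configured to read
    create_fifo(path)
    st = os.stat(path)
    received = []

    def app() -> None:
        with open(path, "rb") as f:  # the app only sees an ordinary file path
            received.append(f.read())

    reader = threading.Thread(target=app)
    reader.start()
    write_secret_once(path, secret)
    reader.join(timeout=5)
    result = {
        "is_fifo": stat.S_ISFIFO(st.st_mode),
        "mode": stat.S_IMODE(st.st_mode),
        "received": received[0],
        "name_left_behind": os.path.exists(path),
    }
    os.rmdir(workdir)
    return result

if __name__ == "__main__":
    print(demo())
```

The secret only ever lives in the kernel's pipe buffer, so nothing is written to the volume backing the directory, and a second reader that opens the path later finds no file.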