kitchen: Use SealedSecret template for config

The configuration file for the kitchen HUD server has credentials embedded in it. Until I get around to refactoring it to read these from separate locations, we'll make use of the template feature of SealedSecrets. With this feature, fields can refer to the (decrypted) value of other fields using Go template syntax. This makes it possible to have most of the `config.yaml` document unencrypted and easily modifiable, while still protecting the secrets.
2024-02-01 21:18:46 -06:00
parent baab02217e
commit 94300ac502
2 changed files with 73 additions and 2 deletions
--- a/kitchen/kitchen.yaml
+++ b/kitchen/kitchen.yaml
@@ -54,8 +54,8 @@ spec:
          readOnly: true
      volumes:
      - name: config
-        configMap:
-          name: kitchen
+        secret:
+          secretName: kitchen
          optional: true
      - name: tzinfo
        hostPath: