Add maxmind secrets to the kustomize files

EdgeNet-project · Mar 19, 2024 · a5900f3 · a5900f3
1 parent 60e5512
commit a5900f3
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 0 deletions.
diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml
@@ -4,6 +4,7 @@
 resources:
 # This creates problems! Find a better solution
 # - edgenet_system_namespace.yaml
+- secrets/maxmind_secret.yaml
 - bases/multitenancy.edge-net.io_tenants.yaml
 - bases/multitenancy.edge-net.io_tenantresourcequotas.yaml
 #+kubebuilder:scaffold:crdkustomizeresource

diff --git a/config/crd/secrets/maxmind_secret.yaml b/config/crd/secrets/maxmind_secret.yaml
@@ -0,0 +1,11 @@
+# https://kubernetes.io/docs/concepts/configuration/secret/
+apiVersion: v1
+kind: Secret
+metadata:
+  name: maxmind-secret
+  namespace: edgenet-system
+type: Opaque
+data:
+  # Specify the maxmind accountid and the access token here in base64 encoding to enable nodelabeller.
+  maxmind_accountid: ""
+  maxmind_token: ""
diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml
@@ -76,6 +76,11 @@ spec:
         - --disabled-reconcilers=""
         image: controller
         name: manager
+        volumeMounts:
+        # Try to mount the secret where it is filled in the secrets/maxmind_secret.yaml
+        # The controller trys to read from the 1. args, 2. environment variables, 3. the secrets in this path.
+        - mountPath: "/var/run/secrets/edge-net.io/maxmind-secret"
+          name: "maxmind-secret"
         securityContext:
           allowPrivilegeEscalation: false
           capabilities: