How do I add a new Secret?
How do I change the secret poll period in kubernetes external secrets?
Your cloud provider could charge per read of a secret and so a frequent poll of your secrets could cost $$$. You may want to tone down the poll period.
You can do this via the
POLLER_INTERVAL_MILLISECONDS setting in the kubernetes external secrets configuration
For more details see how to configure charts
How do I switch to GSM from Vault?
We recommend you use cloud secret managers over vault as its easier to manage; let your cloud provider do the undifferentiated heavy lifting for you.
If you spin up a cluster on vault and want to switch over to, say, GSM here’s how:
- set the
gsmvariable to true in terraform as described in the getting started guide using your terraform/infrastructure git repository:
echo "gsm = true" >> values.auto.tfvars git add * git commit -a -m "fix: enable gsm" terraform plan terraform apply
- in your dev cluster git repository (which has a
helmfile.yamlinside) modify the
download kpt and add it to your $PATH
run the following to replace your vault secret mapping files with gsm versions:
rm -rf .jx/secret/mapping kpt pkg get https://github.com/jenkins-x/jx3-gitops-template.git/.jx/secret/gsm/mapping .jx/secret/mapping ls -al .jx/secret/mapping # echo we should see secret-mappings.yaml git add .jx/secret git commit -a -m "fix: migrate to gsm secret mapping" # now lets push and watch the git operator git push jx admin log -w
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.