1password deployment annotation is not creating kubernetes secret on the cluster
I am trying to create a kubernetes secret by adding the 1password annotations to my deployment annotations. I can see the annotations in my deployment but the secret is not being creates on the kubernetes cluster. I am I missing something? Below are the annotations in my deployment.
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: '3'
kubectl.kubernetes.io/last-applied-configuration: >
{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{"operator.1password.io/item-name":"test-secret","operator.1password.io/item-path":"vaults/test-k8s-cluster/items/test-secret"},"labels":{"app.kubernetes.io/instance":"helloworld-app","app.kubernetes.io/managed-by":"Helm","app.kubernetes.io/name":"hello-world","app.kubernetes.io/version":"1.16.0","argocd.argoproj.io/instance":"helloworld-app","helm.sh/chart":"hello-world-0.1.0"},"name":"helloworld-app-hello-world","namespace":"dev"},"spec":{"replicas":3,"selector":{"matchLabels":{"app.kubernetes.io/instance":"helloworld-app","app.kubernetes.io/name":"hello-world"}},"template":{"metadata":{"labels":{"app.kubernetes.io/instance":"helloworld-app","app.kubernetes.io/name":"hello-world"}},"spec":{"containers":[{"image":"nginx:1.16.0","imagePullPolicy":"IfNotPresent","livenessProbe":{"httpGet":{"path":"/","port":"http"}},"name":"hello-world","ports":[{"containerPort":80,"name":"http","protocol":"TCP"}],"readinessProbe":{"httpGet":{"path":"/","port":"http"}}}],"serviceAccountName":"helloworld-app-hello-world"}}}}
operator.1password.io/item-name: test-secret
operator.1password.io/item-path: vaults/test-k8s-cluster/items/test-secret
creationTimestamp: '2022-11-29T20:47:33Z'
generation: 10
labels:
app.kubernetes.io/instance: helloworld-app
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: hello-world
app.kubernetes.io/version: 1.16.0
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided
Referrer: forum-search:1password deployment annotation is not creating kubernetes secret on the cluster
Comments
-
Hi @smutoni:
First, I'd like to apologize for the delay in response here.
If you're still running into trouble with this, it looks like you're using the Secrets Injector workflow, is that correct? If that's the case, it's necessary to first set up a 1Password Connect Server if you haven't already, and then set up the injector using steps in that link. Let me know how you get on with that!
Jack
0 -
Hi Jack, I was able to create the secret by enabling watch all namespaces on connect operator.
0 -
Hi Jack, I have one more question. I decide to create secrets using 1password deployment annotations. looks like 1password only creates one secret from annotations yet I have to different secret names and paths listed in annotations. please see my configurations below:
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
operator.1password.io/item-path: "vaults/test-k8s-cluster/items/nine-nine-test-secret"
operator.1password.io/item-name: "nine-nine-test-secret"
operator.1password.io/item-path: "vaults/test-k8s-cluster/items/demo-micro-configuration"
operator.1password.io/item-name: "demo-micro-configuration"0 -
Hey @smutoni,
The question that you have has been answered in this thread.
Let us know if you have any other questions. 😊
0