How can I create Kubernetes Secrets in 1Password for Service Accounts?

Options

Create a Kubernetes Secret for Service Accounts

Service Account

kind: ServiceAccount
apiVersion: v1
metadata:
  name: ppdm-discovery-serviceaccount
  namespace: powerprotect

Secret

apiVersion: v1
kind: Secret
metadata:
  name: ppdm-discovery-serviceaccount-token
  namespace: powerprotect
  annotations:
    kubernetes.io/service-account.name: ppdm-discovery-serviceaccount
type: kubernetes.io/service-account-token

Create a Kubernetes Secret for Service Accounts from a 1Password item

Service Account

kind: ServiceAccount
apiVersion: v1
metadata:
  name: ppdm-discovery-serviceaccount
  namespace: powerprotect

Secret

apiVersion: onepassword.com/v1
kind: OnePasswordItem
type: kubernetes.io/service-account-token
metadata:
  name: ppdm-discovery-token
  annotations:
    kubernetes.io/service-account.name: ppdm-discovery-serviceaccount
spec:
  itemPath: vaults/kube-infra/items/powerprotect__serviceaccount

ERROR (log op-operator)

Reconciler error        
{"controller": "onepassworditem", "controllerGroup": "onepassword.com", "controllerKind": "OnePasswordItem", "OnePasswordItem": {"name":"ppdm-discovery-token","namespace":"powerprotect"}, "namespace": "powerprotect", "name": "ppdm-discovery-token", "reconcileID": "4efa5911-3755-4b5a-b407-eccffa09f6ac", "error": "Secret \"ppdm-discovery-token\" is invalid: metadata.annotations[kubernetes.io/service-account.name]: Required value"}

Question

  • What does a 1Password item look like in 1Password?
  • How do I create a Kubernetes Secret for Service Accounts from a 1Password item?