Assigned
Status Update
No update yet.
Comments
ba...@google.com
ka...@google.com
I had the same problem!
I could solve it by putting the .aidl file in an aidl directory.
Look at the attached screenshot to see the project structure.
I could solve it by putting the .aidl file in an aidl directory.
Look at the attached screenshot to see the project structure.
Description
Please describe your requested enhancement. Good feature requests will solve common problems or enable new use cases.
What you would like to accomplish:
Config Sync is very much aimed at GCP customers and environments (Anthos). From a security perspective, in my org, k8s secrets are discouraged and use of GCP Secret Manager is a better option. Is this on the roadmap or can be added please?
How this might work:
Cx would like to use GCP secret manager secrets for fetching Github App PrivateKey instead of K8s secret, via workload identity the RootSync pod can pull the secret from GCP secret manager.
Cx would like to be able to natively spec a GCP Secret Manager Secret as the source for Git credentials (private key/token) in the RootSync/RepoSync.
If applicable, reasons why alternative solutions are not sufficient:
Yes there are workarounds such as mounting to k8s via secrets-store-csi-driver [1].
Other information (workarounds you have tried, documentation consulted, etc):
Cx has raised a request via git [2], and TSE mentioned to raise a support ticket to raise a FR.
References:
[1]
[2]