Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Try reading the ca.crt and TokenReviewer JWT from the default service account #83

Merged
merged 2 commits into from
Jun 26, 2020
Merged

Try reading the ca.crt and TokenReviewer JWT from the default service account #83

merged 2 commits into from
Jun 26, 2020

Conversation

eh-steve
Copy link
Contributor

@eh-steve eh-steve commented Feb 24, 2020
edited
Loading

This should help address #82

@hashicorp-cla
Copy link

hashicorp-cla commented Feb 24, 2020
edited
Loading

CLA assistant check
All committers have signed the CLA.

@eh-steve eh-steve requested review from tyrannosaurus-becks and briankassouf and removed request for tyrannosaurus-becks February 24, 2020 12:20
@eh-steve
Try reading the ca.crt and TokenReviewer JWT from the default service…
797fe07 
… account secret location to support running inside k8s
@eh-steve eh-steve force-pushed the ca-and-token-from-filesystem-if-empty branch from cf350ad to 797fe07 Compare February 24, 2020 12:29
@eh-steve eh-steve changed the title Try reading the ca.crt and TokenReviewer JWT from the default service… Try reading the ca.crt and TokenReviewer JWT from the default service account Feb 24, 2020
@riuvshyn
Copy link
Contributor

riuvshyn commented May 6, 2020

that would be amazing!!!

@riuvshyn
Copy link
Contributor

@kalafut any chance this change can be considered to merge-in?
This PR simplifies k8s setup alot! really looking forward to this.

@kalafut
Copy link
Contributor

kalafut commented Jun 22, 2020

@riuvshyn Yes, we'll be adding it soon.

@jasonodonnell jasonodonnell requested review from jasonodonnell and removed request for tyrannosaurus-becks June 24, 2020 18:10
jasonodonnell
jasonodonnell approved these changes Jun 24, 2020
View reviewed changes
Copy link

@jasonodonnell jasonodonnell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 LGTM

@jasonodonnell jasonodonnell merged commit 798c499 into hashicorp:master Jun 26, 2020
@jasonodonnell jasonodonnell mentioned this pull request Jun 26, 2020
Merged
@cyrus-mc cyrus-mc mentioned this pull request Jul 26, 2020
Closed
@cyrus-mc
Copy link

@eh-steve

I opened an issue that references this PR as the cause.

I am unable to authenticate to external clusters (when vault is itself running in a cluster) due to the fact that in this change you default the tokenReviewerJWT to the POD token (if found) and one wasn't supplied in the auth configuration.

@cyrus-mc cyrus-mc mentioned this pull request Jul 26, 2020
Closed
@reegnz reegnz mentioned this pull request Aug 27, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasonodonnell jasonodonnell jasonodonnell approved these changes

@briankassouf briankassouf Awaiting requested review from briankassouf

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@eh-steve @hashicorp-cla @riuvshyn @kalafut @cyrus-mc @jasonodonnell