kata-containers/tests/integration/kubernetes/runtimeclass_workloads/pod-sealed-secret-as-file.yaml
ChengyuZhu6 a94024aedc tests: add test for sealed file secrets
add a test for sealed file secrets.

Signed-off-by: ChengyuZhu6 <chengyu.zhu@intel.com>
2024-10-08 16:01:48 +08:00


# Copyright (c) 2023 Intel Corporation
#
# SPDX-License-Identifier: Apache-2.0
#
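# Test pod for sealed secrets delivered as files: it mounts two Secret
# volumes and prints the content of each mounted file to stdout.
#
# The Secrets `sealed-secret` and `not-sealed-secret` are not defined in this
# manifest; they must already exist in the pod's namespace or the volumes
# will fail to mount.
apiVersion: v1
kind: Pod
metadata:
  name: secret-test-pod-cc
spec:
  # Schedule the pod through the `kata` RuntimeClass.
  runtimeClassName: kata
  containers:
    - name: busybox
      # NOTE(review): `latest` is a mutable tag and `Always` re-pulls it on
      # every run, so the test image can change between runs. Pinning by
      # digest (quay.io/prometheus/busybox@sha256:<digest>) would make the
      # run reproducible and remove the dependency on whatever the tag
      # currently points at.
      image: quay.io/prometheus/busybox:latest
      imagePullPolicy: Always
      # The script reads one file from each mount and echoes both values,
      # then sleeps so the container stays running.
      # NOTE(review): the values end up in the container log in clear text,
      # presumably so the test can compare them - confirm against the test
      # driver. Anyone who can read this pod's logs can read them, so both
      # Secrets should hold throwaway fixture values only.
      # NOTE(review): there is no `set -e`; if a `cat` fails the script still
      # prints the label with an empty value instead of exiting non-zero.
      command:
        - sh
        - -c
        - |
          unseal_data=$(cat /sealed/secret-value/secret)
          not_sealed_data=$(cat /sealed/not-sealed-secret-value/secret)
          echo "PROTECTED_SECRET = $unseal_data"
          echo "UNPROTECTED_SECRET = $not_sealed_data"
          sleep 1000
      volumeMounts:
        # Each Secret is projected as files; the script expects a key named
        # `secret` in both.
        - name: sealed-secret-volume
          mountPath: "/sealed/secret-value"
        - name: not-sealed-secret-volume
          mountPath: "/sealed/not-sealed-secret-value"
  volumes:
    # Secret expected to carry a sealed value (per its name and the variable
    # `unseal_data`); the unsealing itself is not visible in this manifest.
    - name: sealed-secret-volume
      secret:
        secretName: sealed-secret
    # Plain Secret mounted alongside it, apparently as the unsealed baseline.
    - name: not-sealed-secret-volume
      secret:
        secretName: not-sealed-secret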