-
Notifications
You must be signed in to change notification settings - Fork 910
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[External Secret] - Can't read a secret from a folder #2469
Comments
To access secret inside a folder you need to change the secretPath property in Infisical auth store of external secret operator? |
So I have to create a store for every folder? I can't allow a store to access all secrets recursively? |
@Tchoupinax This is how external secrets operator is designed. The issue with if you apply recursive in store level is you can't control which folder to be show. It will always pull recursively. |
@akhilmhdh, a way this could be implemented is using both the remoteRef key and property values. My existing implementation with Infisical is through a webhook SecretStore, which looks as such (prior to machine identities): Kubernetes Resource
The first allows for individual secrets to be accessed, while the the second allows for arbitrary secret population. The key specifies the path to the secret(s) while the property is the value itself. The current Infisical External Secrets Operator doesn't hit my use-case for Infisical, which is the easy sorting and organization of secrets within a project using folders. It would be ideal to not have to use these workarounds, but I prefer to use external-secrets over the native Infisical operator. |
Hello!
Describe the bug
I have an opened issue when I want to take a secret from a folder with External Secret.
Expected behavior
I expect to be able to get a secret in a specific folder
I ask your help about this, I don't know exactly if it comes from Infisical or External Secret
Infisical version:
v0.85.0-postgres
The text was updated successfully, but these errors were encountered: