Transition to using secrets in Key Vault.

This does the following: - Removes references to the atst-override.ini file, now deprecated. - Adds all non-secret data that was managed in the override file to the relevant K8s ConfigMaps. - Adds additional documentation explaining out use of Key Vault for secrets management.
2019-12-05 14:56:07 -05:00
parent f8c31e4dcf
commit ec638d6b01
5 changed files with 53 additions and 72 deletions
--- a/deploy/azure/crls-sync.yaml
+++ b/deploy/azure/crls-sync.yaml
@@ -32,21 +32,11 @@ spec:
            - configMapRef:
                name: atst-worker-envvars
            volumeMounts:
-              - name: atst-config
-                mountPath: "/opt/atat/atst/atst-overrides.ini"
-                subPath: atst-overrides.ini
              - name: crls-vol
                mountPath: "/opt/atat/atst/crls"
              - name: flask-secret
                mountPath: "/config"
          volumes:
-            - name: atst-config
-              secret:
-                secretName: atst-config-ini
-                items:
-                - key: override.ini
-                  path: atst-overrides.ini
-                  mode: 0644
            - name: crls-vol
              persistentVolumeClaim:
                claimName: crls-vol-claim