►
From YouTube: Secrets Store CSI Community Meeting - 2022-07-21
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Hey
everyone
welcome
to
the
csi
secret
store
community
call
today
is
july,
21st
2022.
This
call
falls
under
the
cncf
code
of
conduct,
it's
recorded
and
will
be
published
on
youtube.
If
you're
on
the
attendee
list.
Please
add
your
name
share
and
then,
in
terms
of
announcements,
we
published
a
1.2.1
which
has
cve
patches
for
the
base
images
last
week
and
then
post
that
we
also
released
1.2.2,
which
had
a
critical
bug
fix
that
was
required
for
running
the
csi
driver
on
the
newer
windows,
ltsc
2022
version.
A
And
we
have
a
pretty
short
agenda.
Like
the
first
item
that
I
added
for
discussion,
I
wanted
to
see
if
we
can
get
feedback
from
all
the
other
community
members
and
maintainers
about
adding
new
lake
and
xander
as
maintainers
they've
been
helping
out
quite
a
bit
with
the
project,
and
then
lake
has
contributed
quite
a
lot
for
it,
so
he's
already
added
as
a
reviewer
for
the
project.
A
Okay
and
then
the
next
one
was
you're
gonna
discuss
dnspr.
B
B
Yes,
I
do
okay
yeah,
so
I
had
to
look
at
tommy's
response
a
little
while
ago
I
was
trying
to
wrap
my
head
around
like
the
direction
he
he
wants
us
to
go
instead,
my
understanding
is
that
he
sees
like
the
the
usefulness
of
of
transform
of
transformation
and
wants
to
like
generalize
this
like
templating,
so
it's
not
just
related
to
syncing,
but
like
the
issue
that
he
he
linked
to.
B
My
understanding
of
that
was
that
the
user
just
wanted
the
ability
to
hard
code
like
key
value
pairs
in
a
secret
through
secret
objects,
which
seemed
like
different,
and
I
wasn't
sure
what
he
meant
by
like
that.
That
highlighted
comment.
The
concept
of
transform
or
one
file
can
map
to
multiple
files
based
on
json
path.
So-
and
I
I
figured
like
a
a
concrete
example-
would
be
like
better
for
my
own
understanding.
A
Yeah,
I
think
the
way
I
understand
his
comment
is
so
the
pr
currently
implements
the
changes
for
templating
only
on
the
sync
secret
right.
So
basically
it's
parsing
the
files,
that's
written
from
the
driver
like
from
the
provider,
and
then
it's
doing
some
kind
of
templating
like
if
it
is
a
json
struct,
it's
taking
out
the
key
value
pairs,
but
adding
only
those
key
value
pairs
in
the
kubernetes
secret.
A
A
B
So
I'm
just
gonna
repeat
back
to
you
what
I
think
I
understood
just
to
make
sure
I
am
understanding
so
so,
like
the
behavior
of
the
pr
now
is
that
the
provider
gets
a
response
or
that
the
driver
gets
a
response
from
a
provider.
That's
a
json
object
and
just
mounts
that
json
object
and
then
does
the
parsing
and
extracts
those
key
value
pairs.
What
you're
saying
is,
instead
of
like
mounting
that
file
as
a
json
object,
the
driver
should
recognize
this
is
json
and
we
have
these
templating
configurations
in
the
spc.
A
A
We
provide
an
option,
called
object,
alias
so
the
file
name
could
just
be
secret,
one
which
is
the
same
as
object
name
or
if
their
code
looks
for
something
like
foo
or
bar
or
something
they
can
say
like
the
object.
Name
is
secret
one,
but
the
object,
alias
should
be
four,
which
means
when
you
write
it
to
the
file
system,
write
it
with
the
file
name
for
right.
A
So
this
is
what
all
the
providers
decide.
So
they
basically
decide
what
the
content
is
and
what
the
file
name
is,
and
they
return
it
to
the
driver
at
the
driver
level,
if
it's
a
json
and
if
you're
passing
through
the
json
and
extracting
key
value
pairs,
the
problem
is
the
driver
now
has
to
determine
what
the
file
name
is
going
to
be,
so
it's
probably
going
to
append,
maybe
the
key
name
or
something
to
the
file
name,
so
that
it
can
write
multiple
files
for
each
key
value
pairs.
A
B
Yeah
I
figured
I
think
that
was
an
issue
with,
like
one
of
my
previous
implementations
of
this
functionality.
Was
that
like
by
by
choosing
to
use
this
sort
of
templating,
the
user
in
some
cases,
would
sacrifice
the
flexibility
of
being
able
to
name
their
own
files
and
that
wasn't
like
a
direction.
I
think
we
wanted
to
go
in.
A
A
Reason
like
the
reason
I
can
see
why
tommy's
saying
this
is
because
there
are
like
two
places
where
this
transformation
now
happens.
Right,
like
driver
is
doing
it
for
sync
secret,
but
then
also
each
provider
is
doing
something
on
their
level
again
for
templating
like
where
they
are
trying
to
get
it
from
external
secret
store,
then
parse
through
it
and
do
things
there.
A
B
A
B
B
Okay,
yeah,
it
seems
like
there's
yeah,
just
a
little
more
involved.
It
seems
like
the
direction
is
trying
to
close
this,
like
weird
split
of
behaviors
between
the
driver
and
providers
and
just
trying
to
like
unify
it
in
one
place
right.
B
Right,
okay!
Well,
I
can
definitely
wrestle
with
those
thoughts
for
a
bit.
I
am
gonna
have
some
time
this
weekend
to
just
kind
of
freely
work
on
this,
so
I'll
open
up
a
thread
on
slack
yeah
and
maybe
maybe
try
to
post
some
like
some
like
poc
examples
to
see
if
it's
going
in
the
right
direction,.
A
B
Yeah
that'd
be
great.
I
may
also
ask
to
sync
up
on
like
video
at
some
point
outside
of
the
the
the
meeting
that
we're
having
today,
that's
usually
helpful.
If
I
could
just
get
some
video
time,
yeah
sure.
A
Okay,
we
don't
have
any
other
item,
I
was
thinking.
Maybe
we
can
just
look
at
issues
and
fears.
A
A
So
this
one,
I
remember,
we
discussed
in
the
last
community,
call
and
said
this
is
not
something
we
want
to
support.
So
if
everyone's
okay
with
it,
I
will
probably
just
comment
and
close
this
one
out:
okay,.
A
A
Yeah,
I
don't
remember,
I
don't
think
they
were
there
anyways,
but
I
think
we
did
discuss
this
so
yeah.
So
little
we'll
close
out
that
one
this
one,
I
think
they
were
waiting
for
me
to
respond.
So
I
will
look
at
it
today.
A
A
Okay,
I
don't
see
anything
else
new
from
the
last
time
and
in
terms
of
full
request
the
other
day
this
one
is
not
being
active
at
all.
I
mean
I
think
we
can
just
let
the
bot
close
it
soon.
A
This
is
a
good
to
have
thing
like
I
think,
ability
to
configure
digest
in
the
helm
chat,
but
I
had
added
some
comments
and
they
haven't
changed
in
that.
Yet.
A
A
I
think
that's
all
we
have
anything
else.
You
all
want
to
discuss.