►
From YouTube: Secrets Store CSI Community Meeting - 2021-11-11
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
All
right,
hello
and
welcome
everyone
today
is
november
11th
2021..
Thank
you
for
joining
us
for
our
bi-weekly
csi
secrets
store
call
just
as
a
reminder.
This
call
is
governed
by
the
cncf
code
of
conduct.
You
can
find
the
kodaconda
file
in
the
repo
and
with
that
we'll
go
ahead
and
start
our
call,
we'll
go
down
the
items
here
and
the
agenda.
A
Yeah
yeah
go
ahead,
tommy,
let's
go
forward,
we're
gonna
talk
about
the
foul
permissions
and
we
got
an
issue
here.
B
Yep
so
there's
a
few
feature:
requests
for
file
permissions.
I've
done
some
investigation
on
it
and
I
think
there
are
pretty
much
no
driver
changes
that
would
be
needed
to
support
it,
but
providers
would
need
to
to
change
some
things.
B
So
I'm
going
to
try
that
out
on
the
gcp
one
and
then,
like
you
know,
if
successful,
we
can
introduce
a
new
like
default
field
into
the
the
secret
provider
class
schema
to
give
like,
so
that
providers
wouldn't
have
to
have
to
implement
it,
but
users
could
change
the
default
file.
Permissions
of
of
all
files.
C
D
B
I
might
not
push
the
feature
to
like
a
gcp
to
release,
but
I
think
if
it
works,
then
we
can
discuss
whether
or
not
we
want
providers
to
implement
something
or
if
we
go
ahead
and
just
do
it
in
the
in
the
driver.
Yeah.
B
Correct,
I
do
not
believe
that
the
driver
needs
any
changes
for
providers
to
implement
different
file
system
permissions.
Correct
then.
The
next
item
that
I
brought
up
or
bullet
point
is
that,
like
the
mounts
are
still
read
only
so
some
permissions,
like
deleting
a
file,
wouldn't
work
that
would
require
driver
work,
but
I
just
assigned
that
to
myself
to
create
a
separate,
separate,
github
issue
to
investigate
read-only
mounts
separately
from
this.
D
C
C
B
I'll
just
add
that,
as
a
note,
okay,
yeah,
I'm
okay,
you're
feeling
it
there.
I
was
turning
it
in
the
notes.
Oh
okay,
you
can
fill
it
in
the
nuts.
I
think
we'll
just
take
that
as
a
note
to
look
into
of
whether
or
not.
B
D
D
A
Okay,
right
next
up
rotation.
D
B
I
just
added
that
I
just
linked
to
finishes
draft
pr.
I
think
this
is
one
of
the
rotation
was
just
one
of
the
features
that
I
think
we
we
wanted
next
to
try
to
get
to
a
ga
status
or
like
a
1.0
status,
and
this
is
like
a
prereq
for
it,
but
just
wanted
to
bring
that
up.
C
Dad
I
mean
so
that
this
is
the
initial
validation
works
like
I
was.
I
was
able
to
generate
the
token
and
basically
do
what
the
csi
driver
when
the
csi
driver
gets
called
what
it
gets
in
terms
of
tokens,
and
then
one
other
thing
that
I
was
thinking
about
was
in
terms
of
running
load
test.
This
can
generate
quite
a
bit
of
token
request
call.
So
I
was
discussing
that
with
our
tommy
to
see
if
we
want
to
implement
some
kind
of
caching.
C
So
I'm
trying
to
write
up
something
for
that,
so
that
I
can
post
that
here
as
part
of
the
pr.
So
that
is
one
other
push
and
then
once
I
do
that
I'll
make
it
ready
for
review.
A
We
are
speeding
through
this
all
right.
I
guess
the
last
thing
is
yeah
new
timing.
So
you
know
maybe
we
can
make
this
not
so
early
for
our
west
coast
people
I
know.
Initially
we
were
trying
to
ensure
that
it
wasn't
going
to
be
too
late
for
anyone
that
was
joining
in
in
europe.
A
But
let's,
let's
go
ahead
and
do
this
we'll
put
a
poll
out
in
the
slack
channel
and
see
you
know
if
we
can
get
a
consensus
on
a
better
start
time
for
this
meeting
and
go
from
there.
A
A
All
right,
so
we
got
through
that,
I
don't
know.
Is
there
anything
from
last
meeting
I
saw
there
was
a
ton
of
discussion
here
say
anything
to
follow
up
from
the
meeting
that
happened
back
in
october,
the
one
I
guess
yeah
right
after.
C
Yeah,
I
think
in
that
one
basically,
we
went
over
what
was
the
thing,
so
I
think
tommy
had
pointed
out
that
the
project
is
1.0
and
then
there
are
certain
features
which
are
in
alpha
and
we
basically
talked
about
where
they're
going
to
go
from
alpha
to
like.
Are
they
going
to
be
graduated
soon
or
are
we
looking
at
having
something
different
right
and
then
the
rotation
was
one
thing
that
we
definitely
want
to
graduate
to
stable.
C
So
like
the
rotation
has
a
path
forward
and
then,
in
terms
of
sync
implementation,
we've
talked
about
this
before
too
right,
where
we
want
to
decouple
the
amount
and
the
sync
is
kubernetes
secret,
rather
than
forcing
the
user
to
do
both
of
it
just
for
the
environment
variable
so
that
that
warrants
a
proposal
like
basically
that's
what
shigawat
asked
for
so.
The
next
step
for
sync,
as
kubernetes
secret,
is
I'll.
Continue
working
on
the
proposal,
get
it
to
a
good
shape
and
then
go
back
to
cigarette
and
present
it.
C
A
All
right,
so
I
think
that's
it,
I'm
not
sure
if
there's
any
issues
out
here
lately
that
we
want
to
look
at
or
that
was
interesting
to
anyone.
C
Yeah
the
first
one
seemed
interesting,
like
a
restricting
syncing
of
secrets
to
certain
namespaces,
I
mean
I
was
thinking
it
can
be
as
simple
as
just
defining
it
in
the
service
account
custom
role.
Basically
like
today
we
say
we
want
secret
sync
permission
across
all
the
name
spaces
right
and
if
you
want
to
restrict
it,
I
think
it
can
be
as
simple
as
just
adding
the
name
spaces
that
you
want
to
sync.
A
C
D
C
C
C
Yeah,
but
I'm
also
working
on
adding
like
some
debugging
and
diagnostics
capability
to
the
other
side
cards
that
we
use
like
for
no
driver
register.
I
recently
added
pre-proc
because
I
was
running
low
tests.
I
was
seeing
it.
It
was
consuming
way
more
memory
than
it
requires
like
it's,
it's
a
very
small
process,
so
it
was
just
surprising.
A
Great,
I
think
that's
it.
I
guess
one
thing
to
chat
about
to
exactly
two
weeks
from
now
is
actually
thanksgiving,
so
the
meeting
will
fall
on
the
holidays,
so
we
will
not
have
a
meeting
on
the
25th,
so
I'm
assuming
we'll
we'll
just
pick
up
december
9th,
which
will
be
two
weeks
after
the
thanksgiving
holiday
here
in
the
u.s.
A
Okay,
I
think
we're
done
all
right.
Thank
you!
Everyone,
I'll
post,
this
video
up
as
soon
as
possible,
we'll
put
the
poll
out
to
see
if
there's
any
changes
to
when
we
should
have
this
meeting
time
time-wise
and
if
you're
in
the
u.s
enjoy
the
thanksgiving
holiday
coming
here.
The
next
couple
of
weeks
and
we'll
see
everyone
back
in
december
on
the
ninth
thanks
right:
okay
have
a
good
year!
Thank
you
all
right.