Add example configurations for Custodia demosHEADmaster

3 files changed, 43 insertions, 0 deletions

diff --git a/kubernetes/secret-example/README b/kubernetes/secret-example/README
new file mode 100644
index 0000000..667d3d8
--- /dev/null
+++ b/kubernetes/secret-example/README
@@ -0,0 +1,2 @@
+Example pod and secret to demo how secrets can be provided to a k8s pod.
+
diff --git a/kubernetes/secret-example/secret-example-pod.yaml b/kubernetes/secret-example/secret-example-pod.yaml
new file mode 100644
index 0000000..7e0fe25
--- /dev/null
+++ b/kubernetes/secret-example/secret-example-pod.yaml
@@ -0,0 +1,32 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: secretpod
+  labels:
+    name: secretpod
+    secrets_namespace: wordpress
+spec:
+  containers:
+  - image: fedora
+    name: secretpod
+    command:
+      - sleep
+      - "86400"
+    env:
+      - name: EXAMPLE_PASSWORD
+        value: mypassword
+    volumeMounts:
+      - name: secretvolume
+        mountPath: /secrets
+        readOnly: true
+      - name: custodia
+        mountPath: /custodia
+        readOnly: true
+  volumes:
+    - name: secretvolume
+      secret:
+        secretName: examplesecrets
+    - name: custodia
+      hostPath:
+        path: /var/lib/custodia/client
+
diff --git a/kubernetes/secret-example/secret-example-secrets.yaml b/kubernetes/secret-example/secret-example-secrets.yaml
new file mode 100644
index 0000000..9d08b11
--- /dev/null
+++ b/kubernetes/secret-example/secret-example-secrets.yaml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: examplesecrets
+type: Opaque
+data:
+  password: c3VwZXIgc2VjcmV0IHBhc3N3b3JkCg==
+
+