
PublishConnectionDetailsTo

Open mateusz-lubanski-sinch opened this issue 3 years ago • 2 comments

What problem are you facing?

On the AWS Provider, connection secrets are exposed in two ways:

  • writeConnectionSecretToRef - the documentation says that this field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo
  • PublishConnectionDetailsTo - the design-doc-external-secret-stores.md design document was recently accepted and Crossplane stated that this is the way forward

We just started using Crossplane in our company and some teams would like to store secrets in AWS SecretManager and/or Vault. This is not possible with writeConnectionSecretToRef.

How could Crossplane help solve your problem?

By implementing PublishConnectionDetailsTo in provider-sql.

mateusz-lubanski-sinch, Oct 26 '22 05:10

Depends on https://github.com/crossplane-contrib/provider-sql/pull/116

See also #113

chlunde, Nov 09 '22 21:11

@chlunde I upgraded to v0.6.0, and when I set User.spec.publishConnectionDetailsTo I get the warning below:

Warning  CannotPublishConnectionDetails  8s (x17 over 5m49s)  managed/user.mysql.sql.crossplane.io  cannot publish to secret store, feature is not enabled

I tried adding the - --enable-external-secret-stores argument to the ControllerConfig for provider-sql, but it is not supported.

Do you have any tips on how I can enable this feature on provider-sql?

mateusz-lubanski-sinch, Dec 01 '22 14:12