-
Notifications
You must be signed in to change notification settings - Fork 4.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
agent/template: add static_secret_render_interval configurable #11934
Conversation
In case it confuses anyone, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you update the docs here too?
Co-authored-by: Theron Voran <[email protected]>
Co-authored-by: Theron Voran <[email protected]>
Co-authored-by: Theron Voran <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also a reminder to update the PR description with the new parameter 😃
@@ -119,7 +119,9 @@ type Sink struct { | |||
|
|||
// TemplateConfig defines global behaviors around template | |||
type TemplateConfig struct { | |||
ExitOnRetryFailure bool `hcl:"exit_on_retry_failure"` | |||
ExitOnRetryFailure bool `hcl:"exit_on_retry_failure"` | |||
StaticSecretRenderIntRaw interface{} `hcl:"static_secret_render_interval"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Did we land/agree on settling with nonleased_secret_render_interval
as the param name?
Consul Template recently added a feature to allow operators to override the default lease duration when a secret has no lease/isn't renewable. This default (5m) can be now altered using the following agent config:
We'll need to add this configurable to both Vault K8s and Vault Helm.