mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-09-19 15:09:56 +00:00
1f012004a6
When a tenant provides a configuration that includes the `vaultNamespace` option, the `vaultAuthNamespace` option is still taken from the global configuration. This is not wanted in all cases, as the `vaultAuthNamespace` option defauls to the `vaultNamespace` option which the tenant may want to override as well. The following behaviour is now better defined: 1. no `vaultAuthNamespace` in the global configuration: A tenant can override the `vaultNamespace` option and that will also set the `vaultAuthNamespace` option to the same value. 2. `vaultAuthNamespace` and `vaultNamespace` in the global configuration: When both options are set to different values in the global configuration, the tenant `vaultNamespace` option will not override the global `vaultAuthNamespace` option. The tenant can configure `vaultAuthNamespace` with a different value if required. Signed-off-by: Niels de Vos <ndevos@redhat.com> |
||
|---|---|---|
| .. | ||
| aws_metadata_test.go | ||
| aws_metadata.go | ||
| keyprotect_test.go | ||
| keyprotect.go | ||
| kms_test.go | ||
| kms.go | ||
| secretskms_test.go | ||
| secretskms.go | ||
| vault_sa_test.go | ||
| vault_sa.go | ||
| vault_test.go | ||
| vault_tokens_test.go | ||
| vault_tokens.go | ||
| vault.go | ||