Add secrets store gopass provider

bin/update.sh

@@ -36,6 +36,9 @@ for i in do-block-storage-StorageClass.yaml do-block-storage-VolumeSnapshotClass
 done
 rm -fr files/digitalocean.old
 
+if [ ! -d files/secrets-provider-gopass ]; then mkdir files/secrets-provider-gopass; fi
+wget https://github.com/camptocamp/secrets-store-csi-driver-provider-gopass/raw/master/deployment/provider-gopass-installer.yaml && \
+  \mv provider-gopass-installer.yaml files/secrets-provider-gopass/
 
 
 #https://github.com/scaleway/scaleway-csi

files/secrets-provider-gopass/provider-gopass-installer.yaml

@@ -0,0 +1,42 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  labels:
+    app: csi-secrets-store-provider-gopass
+  name: csi-secrets-store-provider-gopass
+spec:
+  updateStrategy:
+    type: RollingUpdate
+  selector:
+    matchLabels:
+      app: csi-secrets-store-provider-gopass
+  template:
+    metadata:
+      labels:
+        app: csi-secrets-store-provider-gopass
+    spec:
+      tolerations:
+      containers:
+        - name: provider-gopass-installer
+          image: camptocamp/secrets-store-csi-driver-provider-gopass:0.0.1
+          imagePullPolicy: Always
+          resources:
+            requests:
+              cpu: 50m
+              memory: 100Mi
+            limits:
+              cpu: 50m
+              memory: 100Mi
+          env:
+            # set TARGET_DIR env var and mount the same directory to to the container
+            - name: TARGET_DIR
+              value: "/etc/kubernetes/secrets-store-csi-providers"
+          volumeMounts:
+            - mountPath: "/etc/kubernetes/secrets-store-csi-providers"
+              name: providervol
+      volumes:
+        - name: providervol
+          hostPath:
+              path: "/etc/kubernetes/secrets-store-csi-providers"
+      nodeSelector:
+        beta.kubernetes.io/os: linux

tasks/secrets-store.yml

@@ -26,10 +26,18 @@
       name: csi-secrets-store
       chart_ref: secrets-store-csi-driver/secrets-store-csi-driver
 
+  # https://github.com/camptocamp/secrets-store-csi-driver-provider-gopass
+  - name: Deploy Secrets Store CSI driver provider gopass
+    kubernetes.core.k8s:
+      state: "{{ storage_secrets_store_state }}"
+      context: "{{ my_context }}"
+      namespace: "{{ storage_localpath_namespace }}"
+      apply: true
+      resource_definition: "{{ lookup('file', 'secrets-provider-gopass/provider-gopass-installer.yaml') | from_yaml }}"
+
   tags:
     - storage
     - secrets-store
 
-# https://github.com/camptocamp/secrets-store-csi-driver-provider-gopass
 # https://github.com/hashicorp/vault-csi-provider
 # https://github.com/Azure/secrets-store-csi-driver-provider-azure