WARNING : This repository is now archived and no more maintained. You can find a similar implementation maintained by hashicorp here.
Vault Sidecar Injector allows to dynamically inject HashiCorp Vault Agent as either an init or a sidecar container, along with configuration and volumes, in any matching pod manifest to seamlessly fetch secrets from Vault. Pods willing to benefit from this feature just have to add some custom annotations to ask for the injection at deployment time.
- 2020-06: Inject secrets in your pod as environment variables
- 2020-03: Vault Sidecar Injector vs HashiCorp Vault Agent Injector - Features Comparison
- 2020-03: Static vs Dynamic secrets
- 2019-12: Discovering Vault Sidecar Injector's Proxy feature
- 2019-11: Vault Sidecar Injector now leverages Vault Agent Template feature
- 2019-10: Open-sourcing Vault Sidecar Injector
Vault Sidecar Injector can be deployed on Kubernetes 1.12 and higher. Deployment on earlier versions may work but has not been tested.
Look at changes for Vault Sidecar Injector releases in CHANGELOG file.
Feel free to create issues or submit pull requests.
This project is licensed under the terms of the Apache 2.0 license.