My setup is as follows:
- I have a Kubernetes cluster that I am running with RKE2.
- I manage user credentials for Kubernetes API through OpenID Connect with Dex connected to my LDAP.
- I also have a JFrog instance on-premise (same ldap auth).
Currently, I hard code the credentials of a user of the JFrog Docker registry on each node, such that it pulls images from JFrog using the credentials I place on the node. I set the credentials in rke2's registries.yaml.
I want to be able to rotate the credentials or even drop them altogether, but now I have to restart Kubernetes every time I change the credentials. I am hoping to use the jfrog credentials provider to solve this.
My setup is as follows:
Currently, I hard code the credentials of a user of the JFrog Docker registry on each node, such that it pulls images from JFrog using the credentials I place on the node. I set the credentials in rke2's registries.yaml.
I want to be able to rotate the credentials or even drop them altogether, but now I have to restart Kubernetes every time I change the credentials. I am hoping to use the jfrog credentials provider to solve this.