Search code examples
google-kubernetes-enginegoogle-cloud-composergoogle-secret-manager

Mount google secret manager secret to KubernetesPodOperator

I have a private Cloud Composer 1(Airflow 2) cluster. I can mount a GKE Secret as a file with KubernetesPodOperator. It gives me overhead of deploying secrets to Kubernetes directly, which I wouldn't prefer.

But I couldn't find a way to mount a secret from Google Secret Manager to KubernetesPodOperator.

Do you know how to mount Secret Manager secret to a KubernetesPodOperator?

Solution

  • Your best bet is to use https://github.com/GoogleCloudPlatform/secrets-store-csi-driver-provider-gcp to mount secrets as files from Secret Manager.