I have tried to follow Hashicorp Vault's guide on injecting secrets into an application pod: https://learn.hashicorp.com/tutorials/vault/kubernetes-sidecar#inject-secrets-into-the-pod
The problem is that I simply cannot get the vault-agent (sidecar) to initialize.
I have tried following several guides, and I always get this error when trying to start the sidecar. I am not sure why I keep getting it, because the logs don't show me any errors:
kubectl logs pod/orgchart-6f88c9f9f4-fzwcf vault-agent -n vault
I am not quite sure what is going on. I am following the mentioned guide quite completely.
The error happens when I try to run the deployment patch, which is used to inject the secret in the application. This is the code for the patch:
spec:
  template:
    metadata:
      annotations:
        vault.hashicorp.com/agent-inject: 'true'
        vault.hashicorp.com/role: 'internal-app'
        vault.hashicorp.com/agent-inject-secret-database-config.txt: 'internal/data/database/config'
The guide says the following about the deployment patch:
The Vault Agent Injector only modifies a deployment if it contains a specific set of annotations. An existing deployment may have its definition patched to include the necessary annotations.
So, we use the patch to modify the deployment and inject the needed secret, and we apply it like this:
kubectl patch deployment orgchart --patch "$(cat patch-inject-secrets.yaml)"
As you can see here the patch hasn't been initialized for 82 min:
Thank you in advance!
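The guide text quoted in the post says the injector only acts on a deployment that carries specific annotations. As an added example (not part of the original post or the guide), this Python check reads a deployment's JSON and reports what the pod-template annotations ask for; the function name, the constructed samples, and the `/vault/secrets` default mount path are assumptions of the example.

```python
import json

PREFIX = "vault.hashicorp.com/"
SECRET_PREFIX = PREFIX + "agent-inject-secret-"

def injector_view(deployment):
    """Report what the Vault annotations on the pod template ask the injector to do."""
    top = deployment.get("metadata", {}).get("annotations") or {}
    pod = (deployment.get("spec", {}).get("template", {})
           .get("metadata", {}).get("annotations") or {})
    problems = []
    # The patch on the page nests the annotations under spec.template.metadata;
    # the same keys on the Deployment's own metadata are not part of the pod.
    misplaced = sorted(k for k in top if k.startswith(PREFIX))
    if misplaced:
        problems.append("on Deployment metadata, not pod template: " + ", ".join(misplaced))
    inject = pod.get(PREFIX + "agent-inject")
    if inject != "true":  # the quoted string value used in the page's patch
        problems.append("agent-inject is %r, expected 'true'" % inject)
    role = pod.get(PREFIX + "role")
    if not role:
        problems.append("no role annotation")
    # agent-inject-secret-<name>: <Vault path>; <name> becomes the rendered file name
    # under /vault/secrets (assumed here to be the injector's default mount path).
    secrets = {"/vault/secrets/" + k[len(SECRET_PREFIX):]: v
               for k, v in pod.items() if k.startswith(SECRET_PREFIX)}
    if not secrets:
        problems.append("no agent-inject-secret-* annotation")
    return {"inject": inject == "true", "role": role, "secrets": secrets, "problems": problems}

# Constructed sample: trimmed `kubectl get deployment orgchart -o json` output after the patch.
PATCHED = json.loads("""
{"metadata": {"name": "orgchart"},
 "spec": {"template": {"metadata": {"annotations": {
   "vault.hashicorp.com/agent-inject": "true",
   "vault.hashicorp.com/role": "internal-app",
   "vault.hashicorp.com/agent-inject-secret-database-config.txt": "internal/data/database/config"
 }}}}}
""")
# Constructed sample: the same annotations placed one level too high.
MISPLACED = {"metadata": {"name": "orgchart",
                          "annotations": PATCHED["spec"]["template"]["metadata"]["annotations"]},
             "spec": {"template": {"metadata": {}}}}

if __name__ == "__main__":
    for name, dep in (("patched", PATCHED), ("misplaced", MISPLACED)):
        print(name, json.dumps(injector_view(dep), indent=2))
```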