@ivanthelad
Last active August 17, 2020 09:01
Steps to use the CSI Driver in AKS when the network cannot directly talk to the internet

Using the CSI secret driver with a private registry

Pull and push images

Images need to be pulled from the public repos and pushed to the private repo. These will be referenced in the chart later.

docker pull quay.io/k8scsi/csi-node-driver-registrar:v1.2.0
docker pull us.gcr.io/k8s-artifacts-prod/csi-secrets-store/driver:v0.0.12
docker pull quay.io/k8scsi/livenessprobe:v2.0.0

docker tag quay.io/k8scsi/csi-node-driver-registrar:v1.2.0 $IMAGE_REPO/k8scsi/csi-node-driver-registrar:v1.2.0
docker tag us.gcr.io/k8s-artifacts-prod/csi-secrets-store/driver:v0.0.12 $IMAGE_REPO/k8s-artifacts-prod/csi-secrets-store/driver:v0.0.12
docker tag quay.io/k8scsi/livenessprobe:v2.0.0 $IMAGE_REPO/k8scsi/livenessprobe:v2.0.0

docker push $IMAGE_REPO/k8scsi/csi-node-driver-registrar:v1.2.0
docker push $IMAGE_REPO/k8s-artifacts-prod/csi-secrets-store/driver:v0.0.12
docker push $IMAGE_REPO/k8scsi/livenessprobe:v2.0.0

Clone Repo

  • git clone https://github.com/Azure/secrets-store-csi-driver-provider-azure
  • cd secrets-store-csi-driver-provider-azure/charts/csi-secrets-store-provider-azure

Point to PR with changes

  • rm requirements.lock
  • open requirements.yaml
  • Update line 3 with the following. This points to the PR where the container images are configurable. This will hopefully be merged in the next day or 2
  • repository: https://raw.githubusercontent.com/mickstevenson/secrets-store-csi-driver/linux-container-repo-tag-to-values/charts

Update the values.yaml

  • Open values.yaml. Ensure $IMAGE_REPO is replaced with your ACR registry name
image:
  repository: mcr.microsoft.com/k8s/csi/secrets-store/provider-azure
  tag: 0.0.7
  pullPolicy: IfNotPresent

linux:
  nodeSelector: {}
  enabled: true
  resources:
    requests:
      cpu: 50m
      memory: 100Mi
    limits:
      cpu: 50m
      memory: 100Mi

windows:
  nodeSelector: {}
  enabled: false
  resources:
    requests:
      cpu: 100m
      memory: 200Mi
    limits:
      cpu: 100m
      memory: 200Mi

## Configuration values for the secrets-store-csi-driver dependency.
## ref: https://github.com/kubernetes-sigs/secrets-store-csi-driver/tree/master/charts/secrets-store-csi-driver/README.md
##
secrets-store-csi-driver:
  install: true
  linux:
    enabled: true
    kubeletRootDir: /var/lib/kubelet
    metricsAddr: ":8080"
    image:
      repository: "$IMAGE_REPO/k8s-artifacts-prod/csi-secrets-store/driver" 
      tag: "v0.0.12" 
    nodeDriverRegistrarImage:
      repository: "$IMAGE_REPO/k8scsi/csi-node-driver-registrar"
      tag: "v1.2.0"
    livenessProbeImage:
      repository: "$IMAGE_REPO/k8scsi/livenessprobe"
      tag: "v2.0.0"
  windows:
    enabled: false
    kubeletRootDir: C:\var\lib\kubelet
    metricsAddr: ":8080"
  logLevel:
    debug: true

## Install default service account
rbac:
  install: true

Install chart

  • helm dependency update .
  • helm install --generate-name ./csi-secrets-store-provider-azure --dry-run

helm install csi-secrets-store-provider-azure/csi-secrets-store-provider-azure --generate-name --dry-run | less
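
A check to run on the dry-run output before installing, as an added example that is not part of the original gist: it lists every image reference that is not served from the private registry. The registry name myacr.azurecr.io, the container names and the sample manifest are constructed; note that the provider image in the values.yaml above still points at mcr.microsoft.com, so it is reported.

```shell
# Added example (not part of the original gist). myacr.azurecr.io is a
# constructed placeholder for the value of $IMAGE_REPO.

# external_images REGISTRY   (rendered manifests on stdin)
# Prints every distinct image reference that is not under REGISTRY/.
external_images() {
  registry="${1%/}"
  # Keep the value of each "image:" / "- image:" line, drop quotes, then keep
  # only references that do not start with "REGISTRY/". The trailing slash
  # stops a look-alike host such as REGISTRY.example.net from passing.
  sed -n 's/^[[:space:]]*-\{0,1\}[[:space:]]*image:[[:space:]]*//p' |
    tr -d "\"'" |
    awk -v r="$registry/" 'NF && index($1, r) != 1 { print $1 }' |
    sort -u
}

# check_images REGISTRY: exit status 1 if any image is outside REGISTRY.
check_images() {
  found="$(external_images "$1")"
  [ -z "$found" ] && return 0
  printf 'images not served from %s:\n%s\n' "$1" "$found" >&2
  return 1
}

# Constructed sample: container entries shaped like a rendered DaemonSet,
# using the image values from the values.yaml above.
sample_manifest() {
  cat <<'EOF'
kind: DaemonSet
spec:
  template:
    spec:
      containers:
        - name: node-driver-registrar
          image: "myacr.azurecr.io/k8scsi/csi-node-driver-registrar:v1.2.0"
          imagePullPolicy: Always
        - name: secrets-store
          image: "myacr.azurecr.io/k8s-artifacts-prod/csi-secrets-store/driver:v0.0.12"
        - name: liveness-probe
          image: "myacr.azurecr.io/k8scsi/livenessprobe:v2.0.0"
        - name: provider-azure-installer
          image: "mcr.microsoft.com/k8s/csi/secrets-store/provider-azure:0.0.7"
EOF
}

# Real use:
#   helm install --generate-name ./csi-secrets-store-provider-azure --dry-run | check_images "$IMAGE_REPO"
sample_manifest | check_images myacr.azurecr.io || echo "review values.yaml before installing"
```

Whether a reported image is a problem depends on which registries the cluster's egress rules allow; anything the nodes cannot reach must be mirrored and its repository value changed in values.yaml.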
