From 03bc22bd0efe0ef6375fd6449302e95686c0c8c1 Mon Sep 17 00:00:00 2001 From: Sebastian Bernauer Date: Wed, 7 Jan 2026 08:32:32 +0100 Subject: [PATCH] chore: Switch secret-operator volume to ephemeral --- stacks/authentication/openldap-tls.yaml | 18 +++++++++++++----- stacks/observability/grafana.yaml | 18 +++++++++++++----- 2 files changed, 26 insertions(+), 10 deletions(-) diff --git a/stacks/authentication/openldap-tls.yaml b/stacks/authentication/openldap-tls.yaml index f62a58b0..4822ce1b 100644 --- a/stacks/authentication/openldap-tls.yaml +++ b/stacks/authentication/openldap-tls.yaml @@ -71,11 +71,19 @@ spec: port: 1389 volumes: - name: tls - csi: - driver: secrets.stackable.tech - volumeAttributes: - secrets.stackable.tech/class: openldap-tls - secrets.stackable.tech/scope: pod + ephemeral: + volumeClaimTemplate: + metadata: + annotations: + secrets.stackable.tech/class: openldap-tls + secrets.stackable.tech/scope: pod + spec: + storageClassName: secrets.stackable.tech + accessModes: + - ReadWriteOnce + resources: + requests: + storage: "1" --- apiVersion: v1 kind: Service diff --git a/stacks/observability/grafana.yaml b/stacks/observability/grafana.yaml index 399f4f0a..58a3f180 100644 --- a/stacks/observability/grafana.yaml +++ b/stacks/observability/grafana.yaml @@ -69,8 +69,16 @@ options: extraVolumes: # Request a TLS certificate from the secret-operator - name: tls - csi: - driver: secrets.stackable.tech - volumeAttributes: - secrets.stackable.tech/class: tls - secrets.stackable.tech/scope: node,pod,service=grafana + ephemeral: + volumeClaimTemplate: + metadata: + annotations: + secrets.stackable.tech/class: tls + secrets.stackable.tech/scope: node,pod,service=grafana + spec: + storageClassName: secrets.stackable.tech + accessModes: + - ReadWriteOnce + resources: + requests: + storage: "1"