Epic Goal

• Need to graduate and ship the CSI Driver for secrets store as GA. This driver is pluggable to provide the ability for secrets store vendors to create a plugin that allows Kubernetes to mount multiple secrets, keys, and certs stored in enterprise-grade external secrets stores into their pods as a volume. Once the Volume is attached, the data in it is mounted into the container's file system.
• See https://github.com/kubernetes-sigs/secrets-store-csi-driver.
• Operator available in OLM as an optional day 2 operator.
• This epic ONLY covers the CSI driver and its operator. It does NOT include the support for third party providers which should go through a certification process (or non certified third party support policy). Provider deployment is separated from the CSI driver.

Why is this important?

• Needed by key customers

Scenarios

1. ...

Acceptance Criteria

• CI - MUST be running successfully with tests automated
• Release Technical Enablement - Provide necessary release enablement details and documents.

Dependencies (internal and external)

1. We need certified providers such as Vault to deliver an end to end solution
2. CSI inline volumes (already GA)

Previous Work (Optional):

1. Tech Preview released

Open questions::

1. …

Done Checklist

• CI - CI is running, tests are automated and merged.
• Release Enablement <link to Feature Enablement Presentation>
• DEV - Upstream code and tests merged: <link to meaningful PR or GitHub Issue>
• DEV - Upstream documentation merged: <link to meaningful PR or GitHub Issue>
• DEV - Downstream build attached to advisory: <link to errata>
• QE - Test plans in Polarion: <link or reference to Polarion>
• QE - Automated tests merged: <link or reference to automated tests>
• DOC - Downstream documentation merged: <link to meaningful PR>