We are in the process of migrating to K8s. We would like to create a separate access key or token for each namespace per repository. For example:
App 1 (i.e., in namespace 1) has read only access to repository A using key/token α.
App 1 (i.e., in namespace 1) has read write access to repository B using key/token ß.
App 2 (i.e., in namespace 2) has read only access to repository A using key/token δ.
App 2 (i.e., in namespace 2) has read write access to repository B using key/token ∞.
We would like to automate the creation of these keys/tokens in Argo Workflows, which we are using for CI. We would like to automate the rotation of these keys/tokens, but currently the focus is creation.
I opened a ticket with support recently and they pointed me to this feature request. The request only has 3 votes so I'm not expecting it to be implemented anytime soon. Is there another way I should be going about this?
Not a today problem, but for context we also would like to automate rotation of keys/tokens. Alternatively, if we could automate access control using short lived tokens that could work too, then no need to rotate.