Support SecretStore in container resource (Native Radius Way) for k8s Secrets.

[tdeheurles]

Overview of feature request

Right now, Radius do not support secretstore for referring existing k8s secret as a volume in container. So we are have to use podSpec.

Maybe container resource could support this or a documentation could be present in secretstore as a starting point ?

Here is an example:

resource container 'Applications.Core/containers@2023-10-01-preview' = {
  name: 'ctnr-podpatch'
  location: location
  properties: {
    application: app.id
    container: {
      image: magpieimage
      ports: {
        web: {
          containerPort: port
        }
      }
    }
    connections: {}
    runtimes: {
      kubernetes: {
        pod: { // This is free-form object, you can use any kubernetes podSpec properties.
          containers: [
            {
              name: 'ctnr-podpatch' // ensure that it matches the container name above
              volumeMounts: [
                {
                  name: 'se-charlie-server'
                  mountPath: '/credentials'
                  readOnly: true
                }
              ]
            }
          ]
          volumes: [
            {
              name: 'se-charlie-server'
              secret: {
                secretName: 'se-charlie-server'
              }
            }
          ]
        }
      }
    }
  }
}

FYI @youngbupark

Acceptance criteria

Options:

Additional context

See the topic on discord forum

Would you like to support us?

• Yes, I would like to support you

AB#10953

[radius-triage-bot]

👋 @tdeheurles Thanks for filing this feature request.

A project maintainer will review this feature request and get back to you soon.

We also welcome community contributions! If you would like to pick this item up sooner and submit a pull request, please visit our contribution guidelines and assign this to yourself by commenting "/assign" on this issue.

For more information on our triage process please visit our triage overview

[youngbupark]

@willtsai This is related to #5520. We need to support more use-cases of secretstore for containers. e.g. volume mount, secret reference in fields in container resource or any radius resource.

cc/ @rynowak

[rynowak]

Yup. This is badly needed.

[radius-triage-bot]

👍 We've reviewed this issue and have agreed to add it to our backlog. Please subscribe to this issue for notifications, we'll provide updates when we pick it up.

We also welcome community contributions! If you would like to pick this item up sooner and submit a pull request, please visit our contribution guidelines and assign this to yourself by commenting "/assign" on this issue.

For more information on our triage process please visit our triage overview

[willtsai]

this is completed as a part of #7744