diff --git a/README.md b/README.md
index 733266009..bb071e549 100644
--- a/README.md
+++ b/README.md
@@ -12,17 +12,28 @@ _WIP_
This guide will walk you through the steps to configure and run the Azure Key Vault provider for Secret Store CSI driver on Kubernetes.
-### Install the Secrets Store CSI Driver
+### Install the Secrets Store CSI Driver and the Azure Keyvault Provider
**Prerequisites**
Recommended Kubernetes version:
- For linux - v1.16.0+
- For windows - v1.18.0+
-💡 Make sure you have followed the [Installation guide for the Secrets Store CSI Driver](https://github.com/kubernetes-sigs/secrets-store-csi-driver#usage) to install the driver.
+**Deployment using Helm**
+
+Follow [this guide to install using Helm](charts/csi-secrets-store-provider-azure/README.md)
+
+
+[ALTERNATIVE DEPLOYMENT OPTION] Using Deployment Yamls
+
+### Install the Secrets Store CSI Driver
+
+💡 Follow the [Installation guide for the Secrets Store CSI Driver](https://github.com/kubernetes-sigs/secrets-store-csi-driver#usage) to install the driver.
+
### Install the Azure Key Vault Provider
+For linux nodes
```bash
kubectl apply -f https://raw.githubusercontent.com/Azure/secrets-store-csi-driver-provider-azure/master/deployment/provider-azure-installer.yaml
```
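Review bot: The added line `[ALTERNATIVE DEPLOYMENT OPTION] Using Deployment Yamls` is plain text, and the `### Install the Secrets Store CSI Driver` heading after it sits at the same level as the new `### Install the Secrets Store CSI Driver and the Azure Keyvault Provider` heading. The rendered README therefore does not show that the driver and provider steps belong to the alternative path. Make the Helm and YAML options sibling headings and nest the two install steps one level below the YAML option.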
@@ -45,6 +56,7 @@ NAME READY STATUS RESTARTS AGE
csi-secrets-store-provider-azure-4ngf4 1/1 Running 0 8s
csi-secrets-store-provider-azure-bxr5k 1/1 Running 0 8s
```
+
### Using the Azure Key Vault Provider
diff --git a/charts/csi-secrets-store-provider-azure-0.0.5.tgz b/charts/csi-secrets-store-provider-azure-0.0.5.tgz
new file mode 100644
index 000000000..bcf0a2edd
Binary files /dev/null and b/charts/csi-secrets-store-provider-azure-0.0.5.tgz differ
diff --git a/charts/csi-secrets-store-provider-azure/Chart.yaml b/charts/csi-secrets-store-provider-azure/Chart.yaml
new file mode 100644
index 000000000..6ec6b51df
--- /dev/null
+++ b/charts/csi-secrets-store-provider-azure/Chart.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+name: csi-secrets-store-provider-azure
+version: 0.0.5
+appVersion: 0.0.5
+kubeVersion: ">=1.16.0-0"
+description: A Helm chart to install the Secrets Store CSI Driver and the Azure Keyvault Provider inside a Kubernetes cluster.
+sources:
+ - https://github.com/Azure/secrets-store-csi-driver-provider-azure
+home: https://github.com/Azure/secrets-store-csi-driver-provider-azure
+maintainers:
+ - name: Anish Ramasekar
+ email: anish.ramasekar@gmail.com
diff --git a/charts/csi-secrets-store-provider-azure/README.md b/charts/csi-secrets-store-provider-azure/README.md
new file mode 100644
index 000000000..47b3b8fae
--- /dev/null
+++ b/charts/csi-secrets-store-provider-azure/README.md
@@ -0,0 +1,39 @@
+# csi-secrets-store-provider-azure
+
+Azure Key Vault provider for Secret Store CSI driver allows you to get secret contents stored in Azure Key Vault instance and use the Secret Store CSI driver interface to mount them into Kubernetes pods.
+
+## Installation
+
+Quick start instructions for the setup and configuration of secrets-store-csi-driver and azure keyvault provider using Helm.
+
+### Prerequisites
+
+- [Helm3](https://helm.sh/docs/intro/quickstart/#install-helm)
+
+### Installing the Chart
+
+- This chart installs the [secrets-store-csi-driver](https://github.com/kubernetes-sigs/secrets-store-csi-driver) and the azure keyvault provider for the driver
+
+```shell
+$ helm repo add csi-secrets-store-provider-azure https://raw.githubusercontent.com/Azure/secrets-store-csi-driver-provider-azure/master/charts
+$ helm install csi-secrets-store-provider-azure/csi-secrets-provider-azure --generate-name
+```
+
+### Configuration
+
+The following table lists the configurable parameters of the csi-secrets-store-provider-azure chart and their default values.
+
+| Parameter | Description | Default |
+| --------- | ----------- | ------- |
+| `nameOverride` | String to partially override csi-secrets-store-provider-azure.fullname template with a string (will prepend the release name) | `""` |
+| `fullnameOverride` | String to fully override csi-secrets-store-provider-azure.fullname template with a string | `""` |
+| `image.repository` | Image repository | `mcr.microsoft.com/k8s/csi/secrets-store/provider-azure` |
+| `image.pullPolicy` | Image pull policy | `IfNotPresent` |
+| `image.tag` | Azure Keyvault Provider image | `0.0.5` |
+| `linux.enabled` | Install azure keyvault provider on linux nodes | true |
+| `linux.resources` | Resource limit for provider pods on linux nodes | `requests.cpu: 50m`
`requests.memory: 100Mi`
`limits.cpu: 50m`
`limits.memory: 100Mi` |
+| `windows.enabled` | Install azure keyvault provider on windows nodes | false |
+| `windows.resources` | Resource limit for provider pods on windows nodes | `requests.cpu: 100m`
`requests.memory: 200Mi`
`limits.cpu: 100m`
`limits.memory: 200Mi` |
+| `secrets-store-csi-driver.install` | Install secrets-store-csi-driver with this chart | true |
+| `secrets-store-csi-driver.linux.enabled` | Install secrets-store-csi-driver on linux nodes | true |
+| `secrets-store-csi-driver.windows.enabled` | Install secrets-store-csi-driver on windows nodes | false |
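Review bot: The `helm install` line under "Installing the Chart" references `csi-secrets-store-provider-azure/csi-secrets-provider-azure`, but Chart.yaml names the chart `csi-secrets-store-provider-azure`, so the command as written will not resolve to this chart. Change the chart part of the reference to `csi-secrets-store-provider-azure`.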
diff --git a/charts/csi-secrets-store-provider-azure/requirements.lock b/charts/csi-secrets-store-provider-azure/requirements.lock
new file mode 100644
index 000000000..39637f74e
--- /dev/null
+++ b/charts/csi-secrets-store-provider-azure/requirements.lock
@@ -0,0 +1,6 @@
+dependencies:
+- name: secrets-store-csi-driver
+ repository: https://raw.githubusercontent.com/kubernetes-sigs/secrets-store-csi-driver/master/charts
+ version: 0.0.9
+digest: sha256:a3f8946d1dcbb91e02670a7d6fd9616af22f1177f1d21f029fd19e5ce62ecf0f
+generated: "2020-04-29T12:35:16.72393-07:00"
diff --git a/charts/csi-secrets-store-provider-azure/requirements.yaml b/charts/csi-secrets-store-provider-azure/requirements.yaml
new file mode 100644
index 000000000..1a95267e2
--- /dev/null
+++ b/charts/csi-secrets-store-provider-azure/requirements.yaml
@@ -0,0 +1,5 @@
+dependencies:
+- name: secrets-store-csi-driver
+ repository: https://raw.githubusercontent.com/kubernetes-sigs/secrets-store-csi-driver/master/charts
+ version: 0.0.9
+ condition: driver.install
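Review bot: `condition: driver.install` does not match the key this chart exposes for the dependency; values.yaml and the README table both use `secrets-store-csi-driver.install`. Helm ignores a condition whose path is absent from the values, so setting `secrets-store-csi-driver.install=false` will not stop the driver subchart from being installed. Change the condition to `secrets-store-csi-driver.install` and repackage so that charts/index.yaml and the .tgz pick up the corrected value.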
diff --git a/charts/csi-secrets-store-provider-azure/templates/_helpers.tpl b/charts/csi-secrets-store-provider-azure/templates/_helpers.tpl
new file mode 100644
index 000000000..2f34c3041
--- /dev/null
+++ b/charts/csi-secrets-store-provider-azure/templates/_helpers.tpl
@@ -0,0 +1,34 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "sscdpa.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "sscdpa.fullname" -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Standard labels for helm resources
+*/}}
+{{- define "sscdpa.labels" -}}
+labels:
+ heritage: "{{ .Release.Service }}"
+ release: "{{ .Release.Name }}"
+ revision: "{{ .Release.Revision }}"
+ chart: "{{ .Chart.Name }}"
+ chartVersion: "{{ .Chart.Version }}"
+ app: {{ template "sscdpa.name" . }}
+{{- end -}}
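Review bot: In `sscdpa.labels`, `revision: "{{ .Release.Revision }}"` changes on every `helm upgrade`, and both DaemonSet templates include this helper under `spec.template.metadata`. Every upgrade therefore alters the pod template and rolls all provider pods even when nothing else changed. Drop the revision label from the helper, or use a separate helper without it for the pod template labels.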
diff --git a/charts/csi-secrets-store-provider-azure/templates/provider-azure-installer-windows.yaml b/charts/csi-secrets-store-provider-azure/templates/provider-azure-installer-windows.yaml
new file mode 100644
index 000000000..c788ab1ed
--- /dev/null
+++ b/charts/csi-secrets-store-provider-azure/templates/provider-azure-installer-windows.yaml
@@ -0,0 +1,37 @@
+{{- if .Values.windows.enabled}}
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: {{ template "sscdpa.fullname" . }}-windows
+ namespace: {{ .Release.Namespace }}
+{{ include "sscdpa.labels" . | indent 2 }}
+spec:
+ updateStrategy:
+ type: RollingUpdate
+ selector:
+ matchLabels:
+ app: {{ template "sscdpa.name" . }}
+ template:
+ metadata:
+{{ include "sscdpa.labels" . | indent 6 }}
+ spec:
+ containers:
+ - name: provider-azure-installer
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ resources:
+{{ toYaml .Values.windows.resources | indent 12 }}
+ env:
+ - name: TARGET_DIR
+ value: "C:\\k\\secrets-store-csi-providers"
+ volumeMounts:
+ - mountPath: "C:\\k\\secrets-store-csi-providers"
+ name: providervol
+ volumes:
+ - name: providervol
+ hostPath:
+ path: "C:\\k\\secrets-store-csi-providers"
+ type: DirectoryOrCreate
+ nodeSelector:
+ beta.kubernetes.io/os: windows
+{{- end -}}
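Review bot: `selector.matchLabels` here is `app: {{ template "sscdpa.name" . }}`, identical to the selector in provider-azure-installer.yaml, so with both `linux.enabled` and `windows.enabled` set the two DaemonSets have overlapping selectors. Add an OS-specific label to the pod template and selector of each DaemonSet. The `beta.kubernetes.io/os` nodeSelector is also the deprecated form of the label; Chart.yaml requires `kubeVersion: ">=1.16.0-0"`, where `kubernetes.io/os` is available.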
diff --git a/charts/csi-secrets-store-provider-azure/templates/provider-azure-installer.yaml b/charts/csi-secrets-store-provider-azure/templates/provider-azure-installer.yaml
new file mode 100644
index 000000000..9b2aed78f
--- /dev/null
+++ b/charts/csi-secrets-store-provider-azure/templates/provider-azure-installer.yaml
@@ -0,0 +1,36 @@
+{{- if .Values.linux.enabled}}
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: {{ template "sscdpa.fullname" . }}
+ namespace: {{ .Release.Namespace }}
+{{ include "sscdpa.labels" . | indent 2 }}
+spec:
+ updateStrategy:
+ type: RollingUpdate
+ selector:
+ matchLabels:
+ app: {{ template "sscdpa.name" . }}
+ template:
+ metadata:
+{{ include "sscdpa.labels" . | indent 6 }}
+ spec:
+ containers:
+ - name: provider-azure-installer
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ resources:
+{{ toYaml .Values.linux.resources | indent 12 }}
+ env:
+ - name: TARGET_DIR
+ value: "/etc/kubernetes/secrets-store-csi-providers"
+ volumeMounts:
+ - mountPath: "/etc/kubernetes/secrets-store-csi-providers"
+ name: providervol
+ volumes:
+ - name: providervol
+ hostPath:
+ path: "/etc/kubernetes/secrets-store-csi-providers"
+ nodeSelector:
+ beta.kubernetes.io/os: linux
+{{- end -}}
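Review bot: The `providervol` hostPath has no `type`, while the Windows template sets `type: DirectoryOrCreate` for the equivalent volume. With no type, Kubernetes performs no check on the path before mounting it. Set `type: DirectoryOrCreate` here as well so the two templates behave the same way on a fresh node.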
diff --git a/charts/csi-secrets-store-provider-azure/values.yaml b/charts/csi-secrets-store-provider-azure/values.yaml
new file mode 100644
index 000000000..98c2f7fc8
--- /dev/null
+++ b/charts/csi-secrets-store-provider-azure/values.yaml
@@ -0,0 +1,34 @@
+image:
+ repository: mcr.microsoft.com/k8s/csi/secrets-store/provider-azure
+ tag: 0.0.5
+ pullPolicy: IfNotPresent
+
+linux:
+ enabled: true
+ resources:
+ requests:
+ cpu: 50m
+ memory: 100Mi
+ limits:
+ cpu: 50m
+ memory: 100Mi
+
+windows:
+ enabled: false
+ resources:
+ requests:
+ cpu: 100m
+ memory: 200Mi
+ limits:
+ cpu: 100m
+ memory: 200Mi
+
+## Configuration values for the secrets-store-csi-driver dependency.
+## ref: https://github.com/kubernetes-sigs/secrets-store-csi-driver/tree/master/charts/secrets-store-csi-driver/README.md
+##
+secrets-store-csi-driver:
+ install: true
+ linux:
+ enabled: true
+ windows:
+ enabled: false
diff --git a/charts/index.yaml b/charts/index.yaml
new file mode 100644
index 000000000..6c22b52f4
--- /dev/null
+++ b/charts/index.yaml
@@ -0,0 +1,26 @@
+apiVersion: v1
+entries:
+ csi-secrets-store-provider-azure:
+ - apiVersion: v1
+ appVersion: 0.0.5
+ created: "2020-04-29T12:35:37.793794-07:00"
+ dependencies:
+ - condition: driver.install
+ name: secrets-store-csi-driver
+ repository: https://raw.githubusercontent.com/kubernetes-sigs/secrets-store-csi-driver/master/charts
+ version: 0.0.9
+ description: A Helm chart to install the Secrets Store CSI Driver and the Azure
+ Keyvault Provider inside a Kubernetes cluster.
+ digest: b1b4cfe79c87fd2139e5ee498040d78678ac480940c00b245711edbe6516451e
+ home: https://github.com/Azure/secrets-store-csi-driver-provider-azure
+ kubeVersion: '>=1.16.0-0'
+ maintainers:
+ - email: anish.ramasekar@gmail.com
+ name: Anish Ramasekar
+ name: csi-secrets-store-provider-azure
+ sources:
+ - https://github.com/Azure/secrets-store-csi-driver-provider-azure
+ urls:
+ - https://raw.githubusercontent.com/Azure/secrets-store-csi-driver-provider-azure/master/charts/csi-secrets-store-provider-azure-0.0.5.tgz
+ version: 0.0.5
+generated: "2020-04-29T12:35:37.790031-07:00"
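Review bot: The `urls` entry points at `master/charts/csi-secrets-store-provider-azure-0.0.5.tgz`, and the chart README adds the same `master/charts` path as the Helm repo. Users therefore install whatever is on master at that moment, and the `digest` here is served from the same mutable branch as the archive it describes. Publish packaged charts from a release tag or a dedicated branch, and generate index.yaml and the .tgz in CI rather than committing them by hand so the digest cannot drift from the archive. The `condition: driver.install` under `dependencies` also has to follow whatever requirements.yaml ends up with.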
diff --git a/deployment/provider-azure-installer-windows.yaml b/deployment/provider-azure-installer-windows.yaml
index 51d3daf65..d93a516a3 100644
--- a/deployment/provider-azure-installer-windows.yaml
+++ b/deployment/provider-azure-installer-windows.yaml
@@ -3,7 +3,7 @@ kind: DaemonSet
metadata:
labels:
app: csi-secrets-store-provider-azure
- name: csi-secrets-store-provider-azure
+ name: csi-secrets-store-provider-azure-windows
spec:
updateStrategy:
type: RollingUpdate
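Review bot: Renaming the DaemonSet to `csi-secrets-store-provider-azure-windows` means `kubectl apply` on a cluster that already has this manifest creates a new DaemonSet and leaves the existing `csi-secrets-store-provider-azure` object in place. Add an upgrade note to the README saying whether the old object has to be deleted first.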
@@ -19,7 +19,7 @@ spec:
beta.kubernetes.io/os: windows
containers:
- name: provider-azure-installer
- image: mcr.microsoft.com/k8s/csi/secrets-store/provider-azure:0.0.4
+ image: mcr.microsoft.com/k8s/csi/secrets-store/provider-azure:0.0.5
imagePullPolicy: Always
resources:
requests:
diff --git a/deployment/provider-azure-installer.yaml b/deployment/provider-azure-installer.yaml
index c17d0e7c2..2ada2ace6 100644
--- a/deployment/provider-azure-installer.yaml
+++ b/deployment/provider-azure-installer.yaml
@@ -17,7 +17,7 @@ spec:
spec:
containers:
- name: provider-azure-installer
- image: mcr.microsoft.com/k8s/csi/secrets-store/provider-azure:0.0.4
+ image: mcr.microsoft.com/k8s/csi/secrets-store/provider-azure:0.0.5
imagePullPolicy: Always
resources:
requests:
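Review bot: The image is bumped to `provider-azure:0.0.5` by tag with `imagePullPolicy: Always`, while the chart's values.yaml defaults to `pullPolicy: IfNotPresent` for the same image. The two install paths will behave differently if the tag is ever re-pushed. Pick one policy for both, and consider pinning the image by digest, since the chart templates in this patch show the installer container mounting a hostPath on every node.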