Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
edge: handle Vault K8S auht JWTs more strictly
This commit enforces that a JWT passed to the K8S Vault engine does not require contain '/' (or other OS path seperator). If the JWT value contains a OS path separator we treat it as file and read it from disk. As a sideeffect, we require that a path to a JWT is absolute. A relative path - e.g. `token` will not be treated as filepath. Instead, it must be specified as e.g. `/var/run/secrets/kubernetes.io/serviceaccount/token`. Fixes minio#361 Signed-off-by: Andreas Auernhammer <[email protected]>
- Loading branch information