Skip to content

Commit 4300330

Browse files
SimonKienzlerSimonKienzler
committed
Update README
1 parent 980a264 commit 4300330

File tree

1 file changed

+12
-3
lines changed

1 file changed

+12
-3
lines changed

README.md

Lines changed: 12 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,9 @@ demonstrates the deployment as a
3131
[sidecar container](https://kubernetes.io/docs/concepts/workloads/pods/#workload-resources-for-managing-pods)
3232
within the ExternalDNS pod.
3333

34-
```shell
34+
```shell
35+
# We create a Secret from an auth token. Alternatively, you can also
36+
# use keys to authenticate the webhook - see "Authentication" below.
3537
kubectl create secret generic external-dns-stackit-webhook --from-literal=auth-token='<Your-Token>'
3638
```
3739

@@ -203,7 +205,7 @@ spec:
203205
successThreshold: 1
204206
timeoutSeconds: 5
205207
env:
206-
- name: AUTH_TOKEN
208+
- name: STACKIT_SERVICE_ACCOUNT_TOKEN
207209
valueFrom:
208210
secretKeyRef:
209211
name: external-dns-stackit-webhook
@@ -217,7 +219,6 @@ The configuration of the STACKIT webhook can be accomplished through command lin
217219
Below are the options that are available.
218220

219221
- `--project-id`/`PROJECT_ID` (required): Specifies the project id of the STACKIT project.
220-
- `--auth-token`/`AUTH_TOKEN` (required): Defines the authentication token for the STACKIT API.
221222
- `--worker`/`WORKER` (optional): Specifies the number of workers to employ for querying the API. Given that we
222223
need to iterate over all zones and records, it can be parallelized. However, it is important to avoid
223224
setting this number excessively high to prevent receiving 429 rate limiting from the API (default 10).
@@ -229,6 +230,14 @@ Below are the options that are available.
229230
- `--log-level`/`LOG_LEVEL` (optional): Defines the log level (default "info"). Possible values are: debug, info, warn,
230231
error.
231232

233+
## Authentication
234+
235+
The STACKIT webhook uses the [STACKIT Go SDK](https://github.com/stackitcloud/stackit-sdk-go) and therefore inherits its
236+
options for authentication: You can use either Token or Key authentication flows. The example above uses the Token flow
237+
for authentication by providing the `STACKIT_SERVICE_ACCOUNT_TOKEN` environment variable in the `Deployment`. For more
238+
information on how to provide e.g. a Service Account Key to be used by the SDK, see
239+
[authentication options for the STACKIT Go SDK](https://github.com/stackitcloud/stackit-sdk-go?tab=readme-ov-file#authentication).
240+
232241
## FAQ
233242

234243
### 1. Issue with Creating Service using External DNS Annotation

0 commit comments

Comments
 (0)