Infisical provider for the Secrets Store CSI driver will allow you to mount Infisical secrets directly into your Kubernetes pods while maintaining secret-zero in your Kubernetes cluster.
- Kubernetes version >= 1.20
- Secrets store CSI driver installed with
tokenRequestsaudience configured - Kubernetes service account configured for native authentication with Infisical
helm repo add infisical-helm-charts 'https://dl.cloudsmith.io/public/infisical/helm-charts/helm/charts'
helm repo update
helm install infisical-csi-provider infisical-helm-charts/infisical-csi-providerYou can also install using the deployment config in the deployment folder:
kubectl apply -f deployment/infisical-csi-provider.deployment.yamlFor guidance, refer to the official documentation here.
To troubleshoot issues with the Infisical CSI provider, refer to the logs of the Infisical CSI provider running on the same node as your pod.
kubectl logs infisical-csi-provider-7x44tYou can also refer to the logs of the secrets store CSI driver. Modify the command below with the appropriate pod and namespace of your secrets store CSI driver installation.
kubectl logs csi-secrets-store-csi-driver-7h4jp -n=kube-system