From c60045bbdb72ba338db5443ec230adb1de05ae86 Mon Sep 17 00:00:00 2001
From: Kobayashi Daisuke <kobayashi.da-06@fujitsu.com>
Date: Fri, 21 Jan 2022 16:36:39 +0900
Subject: [PATCH] add example yaml files

---
 ...rojected-secret-downwardapi-configmap.yaml | 35 +++++++++++++++++++
 ...ed-secrets-nondefault-permission-mode.yaml | 27 ++++++++++++++
 .../projected-service-account-token.yaml      | 21 +++++++++++
 3 files changed, 83 insertions(+)
 create mode 100644 content/ja/examples/pods/storage/projected-secret-downwardapi-configmap.yaml
 create mode 100644 content/ja/examples/pods/storage/projected-secrets-nondefault-permission-mode.yaml
 create mode 100644 content/ja/examples/pods/storage/projected-service-account-token.yaml

diff --git a/content/ja/examples/pods/storage/projected-secret-downwardapi-configmap.yaml b/content/ja/examples/pods/storage/projected-secret-downwardapi-configmap.yaml
new file mode 100644
index 0000000000..270db99dcd
--- /dev/null
+++ b/content/ja/examples/pods/storage/projected-secret-downwardapi-configmap.yaml
@@ -0,0 +1,35 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: volume-test
+spec:
+  containers:
+  - name: container-test
+    image: busybox
+    volumeMounts:
+    - name: all-in-one
+      mountPath: "/projected-volume"
+      readOnly: true
+  volumes:
+  - name: all-in-one
+    projected:
+      sources:
+      - secret:
+          name: mysecret
+          items:
+            - key: username
+              path: my-group/my-username
+      - downwardAPI:
+          items:
+            - path: "labels"
+              fieldRef:
+                fieldPath: metadata.labels
+            - path: "cpu_limit"
+              resourceFieldRef:
+                containerName: container-test
+                resource: limits.cpu
+      - configMap:
+          name: myconfigmap
+          items:
+            - key: config
+              path: my-group/my-config
diff --git a/content/ja/examples/pods/storage/projected-secrets-nondefault-permission-mode.yaml b/content/ja/examples/pods/storage/projected-secrets-nondefault-permission-mode.yaml
new file mode 100644
index 0000000000..f69b43161e
--- /dev/null
+++ b/content/ja/examples/pods/storage/projected-secrets-nondefault-permission-mode.yaml
@@ -0,0 +1,27 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: volume-test
+spec:
+  containers:
+  - name: container-test
+    image: busybox
+    volumeMounts:
+    - name: all-in-one
+      mountPath: "/projected-volume"
+      readOnly: true
+  volumes:
+  - name: all-in-one
+    projected:
+      sources:
+      - secret:
+          name: mysecret
+          items:
+            - key: username
+              path: my-group/my-username
+      - secret:
+          name: mysecret2
+          items:
+            - key: password
+              path: my-group/my-password
+              mode: 511
diff --git a/content/ja/examples/pods/storage/projected-service-account-token.yaml b/content/ja/examples/pods/storage/projected-service-account-token.yaml
new file mode 100644
index 0000000000..3ad06b5dc7
--- /dev/null
+++ b/content/ja/examples/pods/storage/projected-service-account-token.yaml
@@ -0,0 +1,21 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: sa-token-test
+spec:
+  containers:
+  - name: container-test
+    image: busybox
+    volumeMounts:
+    - name: token-vol
+      mountPath: "/service-account"
+      readOnly: true
+  serviceAccountName: default
+  volumes:
+  - name: token-vol
+    projected:
+      sources:
+      - serviceAccountToken:
+          audience: api
+          expirationSeconds: 3600
+          path: token