From e0c9f4312a08e9013f20dbefa8bc2442537afce5 Mon Sep 17 00:00:00 2001
From: Jonathan Dobson
Date: Tue, 23 Aug 2022 21:24:08 -0600
Subject: [PATCH] CSI Inline Volumes: secret store csi driver example
---
 .../2022-08-29-csi-inline-volumes-ga.md | 30 ++++++++-----------
 1 file changed, 13 insertions(+), 17 deletions(-)
diff --git a/content/en/blog/_posts/2022-08-29-csi-inline-volumes-ga.md b/content/en/blog/_posts/2022-08-29-csi-inline-volumes-ga.md
index 2b62e5a0560..ef2a12315c5 100644
--- a/content/en/blog/_posts/2022-08-29-csi-inline-volumes-ga.md
+++ b/content/en/blog/_posts/2022-08-29-csi-inline-volumes-ga.md
@@ -29,19 +29,18 @@ A CSI driver is not suitable for inline use when:
 ## How to use this feature
-In order to use this feature, the `CSIDriver` spec must explicitly list `Ephemeral` as one of the supported `volumeLifecycleModes`. Here is a simple example from the [CSI host-path driver](https://github.com/kubernetes-csi/csi-driver-host-path).
+In order to use this feature, the `CSIDriver` spec must explicitly list `Ephemeral` as one of the supported `volumeLifecycleModes`. Here is a simple example from the [Secrets Store CSI Driver](https://github.com/kubernetes-sigs/secrets-store-csi-driver).
 ```
 apiVersion: storage.k8s.io/v1
 kind: CSIDriver
 metadata:
- name: hostpath.csi.k8s.io
+ name: secrets-store.csi.k8s.io
 spec:
- volumeLifecycleModes:
- - Persistent
- - Ephemeral
 podInfoOnMount: true
- fsGroupPolicy: File
+ attachRequired: false
+ volumeLifecycleModes:
+ - Ephemeral
 ```
 Any pod spec may then reference that CSI driver to create an inline volume, as in this example.
@@ -52,24 +51,21 @@ apiVersion: v1
 metadata:
 name: my-csi-app-inline
 spec:
- affinity:
- nodeAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- nodeSelectorTerms:
- - matchExpressions:
- - key: topology.hostpath.csi/node
- operator: Exists
 containers:
 - name: my-frontend
 image: busybox
 volumeMounts:
- - mountPath: "/data"
- name: my-csi-volume
+ - name: secrets-store-inline
+ mountPath: "/mnt/secrets-store"
+ readOnly: true
 command: [ "sleep", "1000000" ]
 volumes:
- - name: my-csi-volume
+ - name: secrets-store-inline
 csi:
- driver: hostpath.csi.k8s.io
+ driver: secrets-store.csi.k8s.io
+ readOnly: true
+ volumeAttributes:
+ secretProviderClass: "my-provider"
 ```
 If the driver supports any volume attributes, you can provide these as part of the `spec` for the Pod as well: