Right now tunnel token is used as part of command array, which makes it easy readable. Instead it's recommended to pass this kind of data via secret to env var, something like this:
...
containers:
- command:
...
- --token
- $(TOKEN)
env:
- name: TOKEN
valueFrom:
secretKeyRef:
name: controlled-cloudflared
key: tunnel-token
...or just set $TUNNEL_TOKEN env var and don't set --token cli arg (https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/configure-tunnels/tunnel-run-parameters/#token)
Of cource this would require controller to manage secret with tunnel token.
Right now tunnel token is used as part of
commandarray, which makes it easy readable. Instead it's recommended to pass this kind of data via secret to env var, something like this:or just set
$TUNNEL_TOKENenv var and don't set--tokencli arg (https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/configure-tunnels/tunnel-run-parameters/#token)Of cource this would require controller to manage secret with tunnel token.