From 1c838b6f9f4df058fbcd272d317d19bca1ed214b Mon Sep 17 00:00:00 2001 From: Anish Ramasekar Date: Tue, 26 May 2020 15:32:58 -0700 Subject: [PATCH] chore: update manifests and helm chart for 0.0.6 (#111) * update manifests and helm chart for 0.0.6 * Review feedback --- ...csi-secrets-store-provider-azure-0.0.7.tgz | Bin 0 -> 5933 bytes .../Chart.yaml | 4 +- .../README.md | 6 +- .../requirements.lock | 6 +- .../requirements.yaml | 4 +- .../values.yaml | 4 +- charts/index.yaml | 28 ++++++++- .../provider-azure-installer-windows.yaml | 2 +- deployment/provider-azure-installer.yaml | 2 +- docs/getting-certs-and-keys.md | 53 ++++++++++++++++++ 10 files changed, 95 insertions(+), 14 deletions(-) create mode 100644 charts/csi-secrets-store-provider-azure-0.0.7.tgz create mode 100644 docs/getting-certs-and-keys.md 
diff --git a/charts/csi-secrets-store-provider-azure-0.0.7.tgz b/charts/csi-secrets-store-provider-azure-0.0.7.tgz new file mode 100644 index 0000000000000000000000000000000000000000..dc41e7d6ec825a367f22bd9b09e9b793359e1d9e GIT binary patch literal 5933 zcmV+|7t-h-iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKDLbK5qucz@T6@Ex$5(E~D-Njx)&d3oH=7pQw(a4;f%@OJ?ehQjp)>f#=?{nf-oP2yhu_%F;h;bK z2JDS{d_sx2K`&XWt)byz?lKYy_2>ltf&Bnn zNfRI_kdO=H`ygf*ZZs9ajie$ty}5uhM&_6S3O!ZfMA8%dh!=Ad`@#UYN+?Y>Lp%%! zevHSMg;-z?t{-!OnPtpqfJZPBBI2WNcS^)89$PLAx~jcyk$5FJd#c+K9UBkv7-vKK z?k~rV^5#s>4>%KvlZ$Cy7$0JQMGGw3^I{y#i)_WZw#LIO0! zBLjfph;kw*TZ|xZnH3P1QBEg9k>$e?@4B263A0B=qQe{v^1QZ}N~&kk8iz z-LWgc^j5*%Sl@W@0#0c-A=8*4Da%3gHB2Z|!nsM}fQKU-dN_0!mTZLKNv$wm4&CHr z${QtES1^pb0g|%4tJaYfb+6A)&fc6`foHsUVKmi}2uRkUj4Uz&t5OVr1l7mlno@B_ z*a*6F#JWBicas+eKyIpQX0F=A>F92b*qu+tcWEPEnz7d`t@2;sAo7vGy!&p3{RlH| ziRfudL5uwF$=?O}-|IQfUjN%k`S`K>XPA><1RM*P5Fd+0gpUJ>7I%h6@aOL1qakY< z=O3a}m6NIt(24r3nAkFsdM0>yLP883&Rs7;maN(VbNNy#e_-it#ieY=`dOj=5|Mho1Va!8>Ib38_S;eN1BCU%;<1^2vl?4^R{- zz%AonShud~3)zPp1cxzpQOq%L8sNMxs)jou*!MUfhPC9yp45QFjBt24UMN(YUEavL zB%A_|u=~m~E+)XRj}cFB=2E3<@y*1tqjSLH-wCn8})p znVGDXjeCSP`QNjLCHa5o^!NJzPD;Z3sc=ZAGSPV+AC0_$07Vh+&K=`{gx(0w5DsW~ zgM|@bfjlJ8DBBy?QQ%TuNh&m#s%X7hzB{|PF1!Z4#Th~8 zbaZ$3aCcYTK%^Mt`H{}49|!mijYGl99R~906%w;2w<=3<+UC?Z@;$DY;bm1>W|V6f z3e88GL8Teuj4;Iji?>XxQEH8NPsFS;Q~9m$a)OE*;@mth=kqAP^psYiFD(WCxMd6L zf2(b|+U-kdUtG=eP&${M!v2b%n$r>Buvljmi zo8Ofd@FegmOTC_+{X+joD6Q*%W`p0nkCyd+a4;b&!4 zOy4W(TJ_jJIXFVTPv3J`&=>@TDHh2YlUm(yC^)FzJRl*Idr+%d=wjtN5Odt%V371g zLV?*tstkf^DJ|;<@;S|$aU<$+OC5z>=v7mlgc-(v#l(F8Ne8-T7Q6CA{%}mhk%Gl7 zoT1T4^SPO7XG?D&^_Q;v$@m0jS|Im3|Cg$DpFe%Lhfi=L zm>L$9zzc$We*rW-ooItT+f*!7bfw53;JVqD>R=^e>I_>UB!3$73O>Por*p3%OWUf4 zP9G+153+pEW#wG3GVZ*8ij8Kn#zxgZd^Gh zF4fp4xL5uk$(M!wr0O!^pC)lYLw$I!6iu#AgK)mByaFm4yriC78WKGJ5e?Z#?Y1o*a4( z9uE56_~7-x#m;NDH+F|Z$9_E=3>~lEw_hKj@ucS-Na8whu{Z1=csA~1Y^1ukH-b*j z?%Ae2FnhyW`}L?d939wJe`q_-k!c@}Y`gROVfRXT8vk$R1>VO0{a%&-_x^voDPIf! 
zt3wfw=rEKvCG2<1uiGx|c8nGu?KR@V+W3E1j{oQlhQmGo@1(TEf60~ii2-1h_^+Di zF3HYmd>3(L!z*o!`JZE-j#Fvj(C!v9Xs?v?m|=s0`*e+)x92yO_#n!CwCaDue%b%Oe>m97|6P>ZRgwFI!xRfa!YOz-^65gyJS}L9FB}cn7YCT)6DzH^P!t_kobz(7 zc^$*Jr0LG6uBie}lt=viu+R`g{4mi;}nh$+<;SY&{$)UyZpl z#sa1B9;Y`KT92!V_b3pD<#LiVkp*Q$)Vl~L^lhj->oXez5^|Bb)+bEazCMvj90zmE zPH7NHq1(|Jn@qa{)+vh6nD|5x%&i}nR=*rW7yvKe#PhU!X-=5SMzsG$DklT#skQ7% ze$3U$MW(~50fEa&>S`Kd>~T1cW|#$-Azv;6W91-f8L12ZPh^7Kh3n%t)WduP27swP zQC}DzKcf>5FU>pA*4$Jnx!@)lP({9SgkNNN~Hb!oGh$bo2G|fT? zn0k+5F{6z9ru$=&Fj;|aZ+Wf68xCT*rk5xfU(ceZPXd0K{j2s2_|TXBA1Y)oX+r+aKTVb2zm7+mGZndhU`>DI@Pu}nmbm{ za!lk$Gh{jGoSV*({n|uXVeD1*s=+^^m=7ZXJ0M{W zbX_x#(B`(P;3vB2@?j&F=J8&ib)!ibf89*qNbya%PdIjCM#SQjh5~;Or3@X6%!!Yu zg_Ok0>8LY&u0u#g2qMa=@+i{>u9VABo&obtNtXP$Om?YWH^aymv)?MK8Wq%~{s?YQ zuL{dx$=Rte6^QsT!?!br`HcGB2nMAZGa;hCV^N)Go#muk4@~M(RsWWRL=fbkVIM7S zuuDUakDzatY6%ix8jGxgQ?3wUMyR)ZKPXLOg{waMLZNCY5xKgF^^_gz@!BRBjnEWn zU*I2zr_#nLm$LdHrBbtXR1d3Uu93&=HW(y@FQre})wpI&Tuc2;8&PeH<~_?^SLJP2 zFUl+EM(VFreid+LLe|H9UV5#0#gvS5`~)+n$*Lu+nY-aP5a`F<3_mn*pwijN=QzaugCixp- zT>OiO*+29r+cO&e8l#0A&chL3!#rqjU;`}bK;5L5x~=A#X1}_u7x4JlO;)#RGN-!! z8jOAoCck=v-wJbIy|J&;9h0!jXAS1Jj@e}F>#zV!Hi2#)G2P9~e0w9`8ftF$`6j;Z zwhVll-doIj`AWYB)t8?+S~SuqyK%{ z_8QlR4J><&`pi!4dQT9zYnu4h<&t#`d?i)2WXf|ar=Xs0Vy|0IRsByl(RII!fo^Rw z-ko)>Wv7tY=DItx%{_hZvNOxvCIVm;On*=t-RCULUe51oeJ3}u3%2A){qMl; zef9a@zY_aj#l;^*1b+}XRJ)0WP@tF#8l*W|&+tSkUNkIN0#O)Jp#*KRFh~`ZQFUS9 z6o*P+jbq|_I-5wA{$_4lJ?p>#?bc3ccuNAz1qz}Ogt70hcI~xRciiLKuHgo_`WYW$>Q3_!|vhWrMYwZV{t)7VF>wvGY7T`FZ_W*_wowTU90 zR@zh>G{WJ@)y2>K8+V2SluG160;jrAbfQy<>#s^TLf646%gNP6@;hQQ!c3670+1u9 zoM0~i@|}bPYa!=u8C2?vHFor0xk{ZIp!n{%MbpW9My+?a9TGaCCU zW&a#A0Svoz8j|0#mbs4L#h|!M6k1eQ3WUhl8&w^nAD{&=Ec<{s%(a$eK!P`vVIbjz z7P48TEacK4h(jV4UBw7w91F^L*TZw{cTq%41!t%j#tOU_S>(reMtNb>Da5nKia;CD zEQwRjaF%&oXLiZ3nWh@JKEJum!c7#$izrseU4F)wc$Rn};RG{1PZLH1)naPZ(NW?) 
z(b;pBg~#K72%g=14uV>6s^o@>hE{~Y@szYYW5MA$9xfQLC@l1>E@DmJl6`ZRN(dY)YeP~K)EPp48u{#C=bjaaA|Qt@JW zDL*6z$b`6=)>z(y*P$&LimG1*rlr3uEm2ss^{gC)7I1IVD3Ib;MBtzXB{fs28(2Mm zd=a|XgCCE|yYD3&2{x(~nr1fvs6>#hBWM}N84_rnu{5*`a*V|hDG(c~uO6E&4|vi1 zvNRIem9_z@8zpEI`}w_0wX7iVWzpkM=Wpu*l24G4pg~ZDy5|AY$T-Cch%vNiB(>&| zG>)M%t1CKh9DsV=-mk1C``tpHE6`PssCs#>;y9lq(bX3PKB8kT*UM)M_3`40R?Y|4 zkyby*4{HEh6P~mnIVm`V@j~icB=pFfcro&G`u!6{7-@)ZC_qoVloTWC=|ofS85KAi zLR<%ID@iWh5Z2=d?VGTDNVY+!rANyhm7}~7o#nG6a9Ho7a<8?^LE-Eo$qA7>S#kn$ zT^tGQU6waWolarLqyEfNH}etv@^1r@o4>Lgfb!vI-R15}Q`uttcjB&sw7W{qP}COx z-7nw&-*<-neg4;-l=b7kvncOUm~=}zn2iFa*K_;&&yKAAI?A*8e~tS=Tll|!SoZ(y z4SIch&;Pq9FPgb^M;B$Tc^M|m`AQ++!&&KkM$mXvfrQ76>y~HKFM`*xz{vbyhAeIeCZ}h?H*Cn zLUNO2{!@X}c#;(CZMR4Aru=NJ*GF#gX1k^+Y1!z%l3VKP(Ehaa^tGK8r=Zwb`*og` z*tlvVwbRjlV_)rrta01q_Acg=6J78)m5rS%fOR5%@ac4_xhGE>WiJ{{pZX~%*Bs?~ zCOdw8WFIA6<@Mz}I#P)z-`8aCFZA8u$f>Sc-Aao7B;BE&k4$EKX~kn-_GMqbc=^8o P00960WDtD80HOc@Q8m|v literal 0 HcmV?d00001 diff --git a/charts/csi-secrets-store-provider-azure/Chart.yaml b/charts/csi-secrets-store-provider-azure/Chart.yaml index 2821ebae0..146228a07 100644 --- a/charts/csi-secrets-store-provider-azure/Chart.yaml +++ b/charts/csi-secrets-store-provider-azure/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 name: csi-secrets-store-provider-azure -version: 0.0.6 -appVersion: 0.0.5 +version: 0.0.7 +appVersion: 0.0.6 kubeVersion: ">=1.16.0-0" description: A Helm chart to install the Secrets Store CSI Driver and the Azure Keyvault Provider inside a Kubernetes cluster. sources: diff --git a/charts/csi-secrets-store-provider-azure/README.md b/charts/csi-secrets-store-provider-azure/README.md index ece8abe0d..e1bef5bc8 100644 --- a/charts/csi-secrets-store-provider-azure/README.md +++ b/charts/csi-secrets-store-provider-azure/README.md 
@@ -29,11 +29,15 @@ The following table lists the configurable parameters of the csi-secrets-store-p | `fullnameOverride` | String to fully override csi-secrets-store-provider-azure.fullname template with a string | `""` | | `image.repository` | Image repository | `mcr.microsoft.com/k8s/csi/secrets-store/provider-azure` | | `image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `image.tag` | Azure Keyvault Provider image | `0.0.5` | +| `image.tag` | Azure Keyvault Provider image | `0.0.6` | | `linux.enabled` | Install azure keyvault provider on linux nodes | true | +| `linux.nodeSelector` | Node Selector for the daemonset on linux nodes | `beta.kubernetes.io/os: linux` | | `linux.resources` | Resource limit for provider pods on linux nodes | `requests.cpu: 50m`
`requests.memory: 100Mi`
`limits.cpu: 50m`
`limits.memory: 100Mi` | | `windows.enabled` | Install azure keyvault provider on windows nodes | false | +| `windows.nodeSelector` | Node Selector for the daemonset on windows nodes | `beta.kubernetes.io/os: windows` | | `windows.resources` | Resource limit for provider pods on windows nodes | `requests.cpu: 100m`
`requests.memory: 200Mi`
`limits.cpu: 100m`
`limits.memory: 200Mi` | | `secrets-store-csi-driver.install` | Install secrets-store-csi-driver with this chart | true | | `secrets-store-csi-driver.linux.enabled` | Install secrets-store-csi-driver on linux nodes | true | +| `secrets-store-csi-driver.linux.kubeletRootDir` | Configure the kubelet root dir | `/var/lib/kubelet` | | `secrets-store-csi-driver.windows.enabled` | Install secrets-store-csi-driver on windows nodes | false | +| `secrets-store-csi-driver.windows.kubeletRootDir` | Configure the kubelet root dir | `C:\var\lib\kubelet` | diff --git a/charts/csi-secrets-store-provider-azure/requirements.lock b/charts/csi-secrets-store-provider-azure/requirements.lock index 5e1a42f9d..3988c3092 100644 --- a/charts/csi-secrets-store-provider-azure/requirements.lock +++ b/charts/csi-secrets-store-provider-azure/requirements.lock @@ -1,6 +1,6 @@ dependencies: - name: secrets-store-csi-driver repository: https://raw.githubusercontent.com/kubernetes-sigs/secrets-store-csi-driver/master/charts - version: 0.0.10 -digest: sha256:2a6ac90a154cd0d5e9325396874f9073073c11dfd937dc87b02f41d3fcd8c9a7 -generated: "2020-05-04T14:51:22.72233-07:00" + version: 0.0.11 +digest: sha256:db629f7d1e653db495ce19c2bc661096561d33098abf2c436634ced634d0e3ee +generated: "2020-05-26T09:26:40.360118-07:00" diff --git a/charts/csi-secrets-store-provider-azure/requirements.yaml b/charts/csi-secrets-store-provider-azure/requirements.yaml index 2a83421a3..fe9692ceb 100644 --- a/charts/csi-secrets-store-provider-azure/requirements.yaml +++ b/charts/csi-secrets-store-provider-azure/requirements.yaml @@ -1,5 +1,5 @@ dependencies: - name: secrets-store-csi-driver repository: https://raw.githubusercontent.com/kubernetes-sigs/secrets-store-csi-driver/master/charts - version: 0.0.10 - condition: driver.install + version: 0.0.11 + condition: secrets-store-csi-driver.install 
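Review bot: The new `version: 0.0.11` pin in requirements.yaml is still resolved against a mutable branch index (`repository: https://raw.githubusercontent.com/kubernetes-sigs/secrets-store-csi-driver/master/charts`), so which tarball satisfies 0.0.11 depends on whatever that branch currently publishes rather than on a release artifact. The `digest` in requirements.lock guards `helm dependency build`, but `helm dependency update` re-resolves, so a short comment above the `repository:` line such as `# upstream index is served from the master branch; verify the lock digest after every dependency update` would make that trade-off visible to the next maintainer. The condition rename to `secrets-store-csi-driver.install` now matches the `secrets-store-csi-driver.install` key in values.yaml and the README table; the older index.yaml entries that still carry `condition: driver.install` are historical, but it is worth confirming that the 0.0.5/0.0.6 charts never honoured that condition so nobody relies on it.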
diff --git a/charts/csi-secrets-store-provider-azure/values.yaml b/charts/csi-secrets-store-provider-azure/values.yaml
index 3dcc38eaa..24352bb56 100644
--- a/charts/csi-secrets-store-provider-azure/values.yaml
+++ b/charts/csi-secrets-store-provider-azure/values.yaml
@@ -1,6 +1,6 @@
 image:
 repository: mcr.microsoft.com/k8s/csi/secrets-store/provider-azure
- tag: 0.0.5
+ tag: 0.0.6
 pullPolicy: IfNotPresent
 
 linux:
@@ -34,5 +34,7 @@ secrets-store-csi-driver:
 install: true
 linux:
 enabled: true
+ kubeletRootDir: /var/lib/kubelet
 windows:
 enabled: false
+ kubeletRootDir: C:\var\lib\kubelet
diff --git a/charts/index.yaml b/charts/index.yaml
index e94331300..f6da647c9 100644
--- a/charts/index.yaml
+++ b/charts/index.yaml
@@ -1,9 +1,31 @@
 apiVersion: v1
 entries:
 csi-secrets-store-provider-azure:
+ - apiVersion: v1
+ appVersion: 0.0.6
+ created: "2020-05-26T10:35:06.49779-07:00"
+ dependencies:
+ - condition: secrets-store-csi-driver.install
+ name: secrets-store-csi-driver
+ repository: https://raw.githubusercontent.com/kubernetes-sigs/secrets-store-csi-driver/master/charts
+ version: 0.0.11
+ description: A Helm chart to install the Secrets Store CSI Driver and the Azure
+ Keyvault Provider inside a Kubernetes cluster.
+ digest: 63f9d8c5b2c11924ea338d2ce2219dcebde8f4446c8893161afb6b7e8c90c98c
+ home: https://github.com/Azure/secrets-store-csi-driver-provider-azure
+ kubeVersion: '>=1.16.0-0'
+ maintainers:
+ - email: anish.ramasekar@gmail.com
+ name: Anish Ramasekar
+ name: csi-secrets-store-provider-azure
+ sources:
+ - https://github.com/Azure/secrets-store-csi-driver-provider-azure
+ urls:
+ - https://raw.githubusercontent.com/Azure/secrets-store-csi-driver-provider-azure/master/charts/csi-secrets-store-provider-azure-0.0.7.tgz
+ version: 0.0.7
 - apiVersion: v1
 appVersion: 0.0.5
- created: "2020-05-04T14:55:26.7225-07:00"
+ created: "2020-05-26T10:35:06.496776-07:00"
 dependencies:
 - condition: driver.install
 name: secrets-store-csi-driver
@@ -25,7 +47,7 @@ entries:
 version: 0.0.6
 - apiVersion: v1
 appVersion: 0.0.5
- created: "2020-05-04T14:55:26.721449-07:00"
+ created: "2020-05-26T10:35:06.495341-07:00"
 dependencies:
 - condition: driver.install
 name: secrets-store-csi-driver
@@ -45,4 +67,4 @@ entries:
 urls:
 - https://raw.githubusercontent.com/Azure/secrets-store-csi-driver-provider-azure/master/charts/csi-secrets-store-provider-azure-0.0.5.tgz
 version: 0.0.5
-generated: "2020-05-04T14:55:26.718506-07:00"
+generated: "2020-05-26T10:35:06.4914-07:00"
diff --git a/deployment/provider-azure-installer-windows.yaml b/deployment/provider-azure-installer-windows.yaml
index d93a516a3..0177b7618 100644
--- a/deployment/provider-azure-installer-windows.yaml
+++ b/deployment/provider-azure-installer-windows.yaml
@@ -19,7 +19,7 @@ spec:
 beta.kubernetes.io/os: windows
 containers:
 - name: provider-azure-installer
- image: mcr.microsoft.com/k8s/csi/secrets-store/provider-azure:0.0.5
+ image: mcr.microsoft.com/k8s/csi/secrets-store/provider-azure:0.0.6
 imagePullPolicy: Always
 resources:
 requests:
diff --git a/deployment/provider-azure-installer.yaml b/deployment/provider-azure-installer.yaml
index 2ada2ace6..7579533df 100644
--- a/deployment/provider-azure-installer.yaml
+++ b/deployment/provider-azure-installer.yaml
@@ -17,7 +17,7 @@ spec:
 spec:
 containers:
 - name: provider-azure-installer
- image: mcr.microsoft.com/k8s/csi/secrets-store/provider-azure:0.0.5
+ image: mcr.microsoft.com/k8s/csi/secrets-store/provider-azure:0.0.6
 imagePullPolicy: Always
 resources:
 requests:
diff --git a/docs/getting-certs-and-keys.md b/docs/getting-certs-and-keys.md
new file mode 100644
index 000000000..bc5e9235c
--- /dev/null
+++ b/docs/getting-certs-and-keys.md
@@ -0,0 +1,53 @@
+# Getting Certificates and Keys using Azure Key Vault Provider
+
+> Note: This behavior was introduced in 0.0.6 release of Azure Key Vault Provider for Secrets Store CSI Driver. This is backward incompatible with the prior releases.
+
+The Azure Key Vault Provider for Secrets Store CSI Driver has been designed to closely align with the current behavior of [az keyvault certificate/secret/key download](https://docs.microsoft.com/en-us/cli/azure/keyvault?view=azure-cli-latest).
+
+[Azure Key Vault](https://docs.microsoft.com/azure/key-vault/) design makes sharp distinctions between Keys, Secrets and Certificates. The KeyVault service's Certificates features were designed making use of it's Keys and Secrets capabilities.
+
+> When a Key Vault certificate is created, an addressable key and secret are also created with the same name. The Key Vault key allows key operations and the Key Vault secret allows retrieval of the certificate value as a secret. A Key Vault certificate also contains public x509 certificate metadata.
+
+The KeyVault service stores both the public and the private parts of your certificate in a KeyVault secret, along with any other secret you might have created in that same KeyVault instance.
+
+## How to obtain the certificate
+
+Knowing that the certificate is stored in a Key Vault certificate, we can retrieve it by using object type `cert`
+
+```yaml
+ array:
+ - |
+ objectName: certName
+ objectType: cert
+ objectVersion: ""
+```
+
+The contents of the file will be the certificate in PEM format.
+
+## How to obtain the public key
+
+Knowing that the public key is stored in a Key Vault key, we can retrieve it by using object type `key`
+
+```yaml
+ array:
+ - |
+ objectName: certName
+ objectType: key
+ objectVersion: ""
+```
+
+The contents of the file will be the public key in PEM format.
+
+## How to obtain the private key
+
+Knowing that the private key is stored in a Key Vault secret with the public certificate included, we can retrieve it by using object type `secret`
+
+```yaml
+ array:
+ - |
+ objectName: certName
+ objectType: secret
+ objectVersion: ""
+```
+
+The contents of the file will be the private key and certificate in PEM format.