Azure workload identity is not working in aks virtual-node-aci-linux due to incorrect secret

[SandeepCitigori]

Continuation of the issue, Azure/azure-workload-identity#381.

Currently, we are using Azure AD Pod Identity for our aks clusters.
We are exploring Azure AD workload identity and able to install using the below links and see it works in nodes as per the given example.
https://azure.github.io/azure-workload-identity/docs/introduction.html
https://github.com/Azure/azure-workload-identity

As mentioned in the 7th point or end of this page, https://azure.github.io/azure-workload-identity/docs/quick-start.html

I have deployed the workload and am able to access the key vault secret via the azure token.

Then I have updated the yaml with nodeSelector & tolerations to install in the virtual-node-aci-linux. Upon deploy, the pod is running but not able to access the keyvault secret.

Error when running kubectl logs podname:
E0215 15:21:21.216383 1 token_credential.go:43] 'failed to read the service account token from the filesystem' err='open /var/run/secrets/azure/tokens/azure-identity-token: no such file or directory'

[helayoty]

@fnuarnav would take a look please?

[joanna-jasnowska-wttech]

Hi, is there any update on this?