-
Notifications
You must be signed in to change notification settings - Fork 695
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
kubeseal outputs spec.template.metadata.name{,space} but is ignored #499
Comments
This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback. |
I'm sorry but I don't understand what's the issue here. What's the problem with |
The implication from "template" is that whatever you fill in will appear on the dependent secret resource. However it doesn't matter what is filled in for name or namespace. No matter what it keeps the same name as the owner reference. This could be useful with tickets like a kustomize plugin (sorry on mobile so can't link) where the sealed secret is named one thing but the actual secret is named with a hash. |
This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback. |
Yeah. It's confusing. It shouldn't be there. We need to be careful with backward compat when fixing this though |
This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback. |
Due to the lack of activity in the last 7 days since it was marked as "stale", we proceed to close this Issue. Do not hesitate to reopen it later if necessary. |
kubeseal version
v0.12.6
and sealed-secrets-controller versionv0.12.5
If I run the following you'll see the name and namespace for the
Secret
is printed underspec.template.metadata
. However, this implies that the fields could be changed and if for some reason you wanted a different name it could work:I'm actually fine with not enabling this feature but it's confusing. I'm wondering if this could be removed from the output of
kubeseal
??Pretty sure the logic is here:
sealed-secrets/cmd/controller/controller.go
Lines 72 to 83 in ce39909
The text was updated successfully, but these errors were encountered: