Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Should not add namespace when sealing "cluster-wide" secret #323

Closed
sfitts opened this issue Nov 23, 2019 · 2 comments · Fixed by #328
Closed

Should not add namespace when sealing "cluster-wide" secret #323

sfitts opened this issue Nov 23, 2019 · 2 comments · Fixed by #328
Labels
bug pr-merged
Milestone
v0.9.7

Comments

@sfitts
Copy link

sfitts commented Nov 23, 2019

When sealing the following secret:

apiVersion: v1
data:
  password: <elided>
  username: <elided>
kind: Secret
metadata:
  annotations:
    sealedsecrets.bitnami.com/cluster-wide: "true"
  name: keycloak
type: Opaque

The resulting SealedSecret resource has the namespace set to "default".

apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
  annotations:
    sealedsecrets.bitnami.com/cluster-wide: "true"
  creationTimestamp: null
  name: keycloak
  namespace: default
spec:
  encryptedData:
  password: <elided>
  username: <elided>
  template:
    metadata:
      annotations:
        sealedsecrets.bitnami.com/cluster-wide: "true"
      creationTimestamp: null
      name: keycloak
      namespace: default
    type: Opaque
status: {}

This makes it harder to use across namespaces as desired. Seems like in this case the resulting SealedSecret should have no namespace added.
@mkmik mkmik mentioned this issue Dec 2, 2019
Merged
@helpr helpr bot added the pr-available label Dec 2, 2019
bors bot added a commit that referenced this issue Dec 2, 2019
@bors
Merge #327
1049ebc 
327: Refactor TestSeal to be table-driven r=mkmik a=mkmik

In preparation to address #323

Co-authored-by: Marko Mikulicic <mkm@bitnami.com>
@bors bors bot closed this as completed in 1a49e3f Dec 2, 2019
@mkmik mkmik reopened this Dec 2, 2019
@mkmik
Copy link
Collaborator

mkmik commented Dec 2, 2019

GH misparsed a natural language sentence as a directive to close the issue 🤦‍♂

@mkmik mkmik mentioned this issue Dec 2, 2019
Merged
@mkmik
Copy link
Collaborator

mkmik commented Dec 2, 2019

#328 contains the actual fix that would close the issue

@mkmik mkmik added this to the v0.9.7 milestone Dec 2, 2019
@mkmik mkmik added the bug label Dec 2, 2019
bors bot added a commit that referenced this issue Dec 2, 2019
@bors
Merge #328
ad6e649 
328: Avoid materializing default namespace r=mkmik a=mkmik

Closes #323

Co-authored-by: Marko Mikulicic <mkm@bitnami.com>
@bors bors bot closed this as completed in 68ff559 Dec 2, 2019
@bors bors bot closed this as completed in #328 Dec 2, 2019
@helpr helpr bot added pr-merged and removed pr-available labels Dec 2, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug pr-merged
Projects
None yet
Milestone
v0.9.7
Development

Successfully merging a pull request may close this issue.

Avoid materializing default namespace bitnami-labs/sealed-secrets
2 participants
@mkmik @sfitts