TJM / vault-gcp-secrets

Create a Kubernetes secret with the service account key from a vault gcp roleset. This handles generic (Opaque) secrets or docker-registry (dockerconfigjson) secrets.
Apache License 2.0
4 stars 1 forks source link

Re-applying the chart causes the secret value to be replaced #87

Open TJM opened 1 year ago

TJM commented 1 year ago

If the helm chart is re-applied, without making any changes, it will replace the "valid" secret value with the placeholder. If any changes are made, it usually results in a restart of the pod, which will replace the placeholder secret with a valid one again. We should look into how to manage the creation, but not replacement of the secret.