When operating the vault-secrets-operator for multiple development teams, it would be great to have some more detailed control over the refresh interval of VaultStaticSecrets and the possible load that could be caused on the Vault server. Therefore, I would like to add the following parameters:
--min-refresh-after-vss - To prevent users from trying to update secrets every second and causing a high load on the Vault server.
--default-refresh-after-vss - To provide a cluster-wide default value for the refresh interval of VaultStaticSecrets for more convenience.
--hmac-horizon-vss - To use some larger interval before the next drift detection happens in case most VaultStaticSecrets rely on instant updates.
When operating the vault-secrets-operator for multiple development teams, it would be great to have some more detailed control over the refresh interval of VaultStaticSecrets and the possible load that could be caused on the Vault server. Therefore, I would like to add the following parameters:
--min-refresh-after-vss- To prevent users from trying to update secrets every second and causing a high load on the Vault server.--default-refresh-after-vss- To provide a cluster-wide default value for the refresh interval of VaultStaticSecrets for more convenience.--hmac-horizon-vss- To use some larger interval before the next drift detection happens in case most VaultStaticSecrets rely on instant updates.