Open Miles-Garnsey opened 6 months ago
As part of #1267 we are adding a lot more computationally intensive stuff to the cleanup process. In my view that makes this ticket higher priority.
I'm going to suggest (without having investigated this idea properly) that we likely want to move to a model where the ReplicatedSecret keeps track (perhaps in it's status) of what secrets it is replicating. This is important, because otherwise there is a lot of calculation work that needs to be repeated on each reconciliation run.
We should try to move a lot of this stuff out of the controller-side cache and persist it inside the resources themselves, to avoid constant re-calculation.
If feasible, we may also wish to consider including the information about which ReplicatedSecrets are watching a given secret in the origin secret itself, since it is hard to keep track of this too.
What is missing?
There are certain cases where a ReplicatedSecret will fail to clean up it's target secrets. This occurs in the following cases:
Why do we need it?
Avoiding orphaned resources. Also potentially for security reasons given we use ReplicatedSecrets to control distribution of keys and certs to targeted datacenters. We do not want those resources accessible from namespaces which don't explicitly need them.
┆Issue is synchronized with this Jira Story by Unito