mittwald / kubernetes-replicator

Kubernetes controller for synchronizing secrets & config maps across namespaces
Apache License 2.0

Allow to disable secret overwrite. Use annotation to protect original values of existing secret in target namespace #312

Open francardoso93 opened 9 months ago

francardoso93 commented 9 months ago

My team is using kubernetes-replicator in the Initium project to do push-based secret replication. We're having trouble preventing existing secrets from being overwritten. This is what happens: when the source secret has the same name as an existing secret in the target, the target one gets replaced. The source is always the source of truth. I understand that to be the default behavior, but I'd like to propose making this configurable, as it's currently a blocker for us.

Suggested solution: Replicator checks an annotation on the target secret that can disable the default behavior. Then it doesn't replicate values from the source to that specific annotated secret, e.g. `replicator.v1.mittwald.de/protect-from-overwrite: true`

We're available to collaborate by doing this implementation if you agree.

francardoso93 commented 9 months ago

cc @lucalanziani
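
An added example, not code from kubernetes-replicator or from the issue author: the target-side annotation check proposed in this issue, modelled in Go on a stand-in `Secret` type. The `Secret` type, the `push` and `isProtected` functions, the action strings, and the fail-closed handling of unparsable annotation values are assumptions; only the annotation name comes from the issue.

```go
package main

import (
	"fmt"
	"maps"
	"strconv"
)

// Annotation name proposed in the issue; not an existing replicator feature.
const protectAnnotation = "replicator.v1.mittwald.de/protect-from-overwrite"

// Secret is a minimal stand-in for a Kubernetes Secret (hypothetical type).
type Secret struct {
	Annotations, Data map[string]string
}

// isProtected reports whether an existing target opted out of replication.
// Assumption: an unparsable value fails closed, so a typo never causes a replace.
func isProtected(s *Secret) bool {
	raw, ok := s.Annotations[protectAnnotation]
	protect, err := strconv.ParseBool(raw)
	return ok && (err != nil || protect)
}

// push copies src.Data into every target namespace and returns the action taken
// per namespace; a nil entry means no secret of that name exists there yet.
func push(src Secret, targets map[string]*Secret) map[string]string {
	actions := make(map[string]string, len(targets))
	for ns, existing := range targets {
		switch {
		case existing == nil:
			targets[ns] = &Secret{Data: maps.Clone(src.Data)}
			actions[ns] = "created"
		case isProtected(existing):
			actions[ns] = "skipped-protected" // target keeps its own values
		default:
			existing.Data = maps.Clone(src.Data)
			actions[ns] = "overwritten" // default behaviour described in the issue
		}
	}
	return actions
}

func main() {
	// Constructed sample: team-a has no such secret, team-b protects its own.
	b := &Secret{map[string]string{protectAnnotation: "true"}, map[string]string{"password": "local"}}
	fmt.Println(push(Secret{Data: map[string]string{"password": "shared"}}, map[string]*Secret{"team-a": nil, "team-b": b}))
}
```

Returning the per-namespace action gives the controller something to log or export as a metric, so a skipped target is visible rather than silently diverging from the source.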