search

mittwald / kubernetes-secret-generator

Kubernetes controller for automatically generating and updating secrets
Apache License 2.0
329 stars 56 forks source link

Allow passing custom annotations to CR-generated secrets #73

Closed aiceball closed 2 years ago

aiceball commented 2 years ago

Is your feature request related to a problem? Please describe. When using secrets generated by CR definitions I am unable to add custom annotations at deployment time. Custom annotations on generated secrets are useful when using something like reflector.

On old-format (annotation-based) secrets that was not a problem, however CR-based secrets are much cleaner for GitOps diffing.

Describe the solution you'd like Allow passing annotations from CR definitions to generated secrets, something like:

apiVersion: "secretgenerator.mittwald.de/v1alpha1"
kind: "StringSecret"
metadata:
  name: "example-pw"
  namespace: "default"
spec:
  annotations:
    <insert your custom annotations for the created secret here>
  forceRegenerate: false
  data:
    username: "testuser"
  fields:
    - fieldName: "test"
      encoding: "hex"
      length: "15"

Describe alternatives you've considered Falling back onto annotation-based secret generation, but inconvenient when using GitOps, as the diffs are detected as out of sync.

mittwald-machine commented 2 years ago

There has not been any activity to this issue in the last 30 days. It will automatically be closed after 7 more days. Remove the stale label to prevent this.