Closed Startouf closed 1 year ago
This is a fantastic idea, and I only recently learned that it even existed as a possibility :-)
I definitely think it should be added as an option, and it shouldn't be too hard.
I thought about this a little more, and I think this is not really the responsibility of this tool. The cronjob simply refreshes the docker secret periodically to keep it from expiring.
It is left up to the Kubernetes cluster owner to use that secret, either as a pull secret in the deployment/pod/chart, or as a default secret on the service account. The tool doesn't really care (or impact) which approach you take.
I'll close this for now, but if you think I've misunderstood this suggestion, please feel free to reopen.
I have seen many versions of this script where the default service account of each namespace would be updated with the image pull secrets to avoid replacing chart values
Maybe this could be added as an optional feature ?