Convention for referencing secrets in CRDs

securesign / secure-sign-operator

Apache License 2.0

4 stars 17 forks source link

Convention for referencing secrets in CRDs #55

Closed osmman closed 9 months ago

osmman commented 9 months ago

Currently every resource handling references to secret differently. We should standardise it into single method which is compatible with Kubernetes API conventions (Naming, Examples).

[x] Fulcio
[x] Rekor
[x] Trillian
[x] TUF
[x] CTlog

osmman commented 9 months ago

Simple resource reference like this should work for us:

secretRef:
    name: ctlog-secret
    key: private

osmman commented 9 months ago

There is still ctlog, fulcio and trillian resources which need to be modified

cooktheryan commented 9 months ago

Apologies let me know if I can help on this