search

submariner-io / submariner-operator

Operator that deploys the various Submariner components.
Apache License 2.0
104 stars 65 forks source link

Automated backport of #3064: Configure SAs to enforce mountable secrets #3144

Closed skitt closed 1 month ago

skitt commented 2 months ago

Backport of #3064 on release-0.16.

3064: Configure SAs to enforce mountable secrets

For details on the backport process, see the backport requests page.

submariner-bot commented 2 months ago

🤖 Created branch: z_pr3144/skitt/automated-backport-of-#3064-origin-release-0.16 🚀 Full E2E won't run until the "ready-to-test" label is applied. I will add it automatically once the PR has 2 approvals, or you can add it manually.

skitt commented 2 months ago

I’m wary of the upgrade impacts of this change (in particular the renamed broker secret) on upgrades from one patch release to the next — we won’t be able to enforce the use of subctl upgrade in all cases.

tpantelis commented 1 month ago

We need to re-generate the yamls.go file rather than backporting it.

submariner-bot commented 1 month ago

🤖 Closed branches: [z_pr3144/skitt/automated-backport-of-#3064-origin-release-0.16]