search

tektoncd / results

Long term storage of execution results.
Apache License 2.0
77 stars 74 forks source link

Delete Results data on namespace removal/termination #276

Open adambkaplan opened 1 year ago

adambkaplan commented 1 year ago

Feature request

When a namespace is deleted, ensure that all Results data related to that namespace is deleted.

Use case

Note that our authz checks rely on namespace-scoped SAR checks - if a namespace is deleted, only users with elevated permissions may access Results data.

tekton-robot commented 1 year ago

Issues go stale after 90d of inactivity. Mark the issue as fresh with /remove-lifecycle stale with a justification. Stale issues rot after an additional 30d of inactivity and eventually close. If this issue is safe to close now please do so with /close with a justification. If this issue should be exempted, mark the issue as frozen with /lifecycle frozen with a justification.

/lifecycle stale

Send feedback to tektoncd/plumbing.

adambkaplan commented 1 year ago

/lifecycle frozen

This is something we should keep on the roadmap.

adambkaplan commented 1 year ago

/area roadmap

khrm commented 1 year ago

This should be implemented in the feature flag way because there are use-cases where we want to access logs/metadata when a namespace is deleted.

adambkaplan commented 1 year ago

This should be implemented in the feature flag way because there are use-cases where we want to access logs/metadata when a namespace is deleted.

Something to verify is if SAR checks work if the namespace is deleted, but the user accessing the record has cluster-scoped permission to view the data in Results.