A simple Kubernetes client-go application that creates and patches imagePullSecrets to service accounts in all Kubernetes namespaces to allow cluster-wide authenticated access to private container registry.
When the managedonly configuration setting is enabled, this tool ends up skipping those secrets that are properly managed by imagepullsecret-patcher, and does actually overwrite secrets that are not managed by it.
This project does not appear to be actively maintained, so I'm just going to leave this issue here for others to be aware. If PRs start getting acknowledged again in the future here, I can submit a PR to fix this.
When the
managedonly
configuration setting is enabled, this tool ends up skipping those secrets that are properly managed by imagepullsecret-patcher, and does actually overwrite secrets that are not managed by it.It appears to be a simple bug in the evaluation here: https://github.com/titansoft-pte-ltd/imagepullsecret-patcher/blob/master/main.go#L156
This should actually be