search

tuenti / secrets-manager

A daemon to sync Vault secrets to Kubernetes secrets
Apache License 2.0
171 stars 26 forks source link

I 38 watch namespace #39

Closed fcgravalos closed 4 years ago

fcgravalos commented 4 years ago

Fixes #38

The idea is being able of restrict the controller to a particular namespace as proposed here:

https://github.com/hashicorp/vault/issues/7364

dannyk81 commented 4 years ago

@fcgravalos this is awesome! I wonder if we should consider using an "include/exclude" approach instead though?

Current PR implementation allows for either all namespaces or one namespace to be watched, I could imagine use cases where we would like a single secrets-manager to handle a group of namespaces (or exclude just several ones).

WDYT? overkill? or perhaps could be a welcome flexibility?

fcgravalos commented 4 years ago

@fcgravalos this is awesome! I wonder if we should consider using an "include/exclude" approach instead though?

Current PR implementation allows for either all namespaces or one namespace to be watched, I could imagine use cases where we would like a single secrets-manager to handle a group of namespaces (or exclude just several ones).

WDYT? overkill? or perhaps could be a welcome flexibility?

I was considering it too, but took as an example nginx ingress controller that seems to just watch either one or all and thought it would be simpler.

In any case it seems a good idea too! Thanks! Let me figure out what are the implications and I'll get back to you :)

codecov-io commented 4 years ago

Codecov Report

Merging #39 into master will increase coverage by 0.25%. The diff coverage is 100%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master      #39      +/-   ##
==========================================
+ Coverage      84%   84.25%   +0.25%     
==========================================
  Files           8        8              
  Lines         425      432       +7     
==========================================
+ Hits          357      364       +7     
  Misses         51       51              
  Partials       17       17
Impacted Files Coverage Δ
controllers/secretdefinition_controller.go 77.03% <100%> (+1.25%) :arrow_up:

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update b7b5ccc...f705b14. Read the comment docs.

fcgravalos commented 4 years ago

@eduardogr Thanks for your comments and sorry, we went ahead and merged and didn't realize about them.

I think it would be great if you can file a PR with your suggestion and let's build snapshot-2.

We can also sit down together and discuss about versioning/release process.

eduardogr commented 4 years ago

i thinks it could be nice for my PR here, I'll do it! Thanks!