Closed GrahamDumpleton closed 1 month ago
Problem appears to be that secretexporter gets fed into:
def matches_source_secret(secret_name, secret_namespace, configs):
"""Returns all configs which match the secret passed as argument."""
for config_obj in configs:
rules = lookup(config_obj, "spec.rules", [])
for rule in rules:
source_secret_name = lookup(rule, "sourceSecret.name")
source_secret_namespace = lookup(rule, "sourceSecret.namespace")
if (
secret_name == source_secret_name
and secret_namespace == source_secret_namespace
):
yield config_obj
continue
The secretexporter has no sourceSecret
property as the resource name and namespace dictate the source secret.
Can probably fake up a sourceSecret
property in rule when first processed.
Describe the bug
When using
SecretExporter/SecretImporter
, if the source secret already exists then it will be copied immediately.If the source secret doesn't exist, it will only be copied up to a minute after the secret is created, as reconciliation for
SecretExporter
is not triggered properly when an event occurs on arbitrary secrets, even though they seem to be included as to be reconciled.Issue may be that since
SecretExporter
is namespaced it isn't being processed properly.Additional information
No response