Skip to content
This repository has been archived by the owner on Jul 26, 2022. It is now read-only.

Support for Annotations #137

Closed
cabrinha opened this issue Jul 27, 2019 · 1 comment
Closed

Support for Annotations #137

cabrinha opened this issue Jul 27, 2019 · 1 comment

Comments

@cabrinha
Copy link

cabrinha commented Jul 27, 2019
edited
Loading

Support for Annotations

Thanks for the great piece of software. I'm looking to use external-secrets alongside kubernetes-replicator and in order to automatically duplicate my external secrets to different namespaces, they need to contain an annotation of:

    replicator.v1.mittwald.de/replication-allowed: "true"
    replicator.v1.mittwald.de/replication-allowed-namespaces: .*

However, when I create my external secret with these annotations, they are not carried over into the kubernetes secret object, preventing them from being replicated.

Please consider passing all/some annotations from the ExternalSecret object to the Secret object.

Steps to reproduce

Create an ExternalSecret with the annotations:

apiVersion: kubernetes-client.io/v1
kind: ExternalSecret
metadata:
  annotations:
    replicator.v1.mittwald.de/replication-allowed: "true"
    replicator.v1.mittwald.de/replication-allowed-namespaces: .*
  name: datadog
  namespace: default
secretDescriptor:
  backendType: secretsManager
  data:
  - key: datadog
    name: datadog-api-key
    property: datadog-api-key
  - key: datadog
    name: datadog-auth-token
    property: datadog-auth-token

See that the resulting Secret does not contain annotations:

apiVersion: v1
data:
  datadog-api-key: xxx
  datadog-auth-token: xxx
kind: Secret
metadata:
  creationTimestamp: "2019-07-28T16:26:16Z"
  name: datadog
  namespace: default
  ownerReferences:
  - apiVersion: kubernetes-client.io/v1
    controller: true
    kind: ExternalSecret
    name: datadog
    uid: 86859120-affc-11e9-a909-025f2055801a
  resourceVersion: "649857"
  selfLink: /api/v1/namespaces/default/secrets/datadog
  uid: 6c3f8ecf-b154-11e9-a909-025f2055801a
type: Opaque
@cabrinha cabrinha reopened this Jul 29, 2019
This was referenced Jul 29, 2019
Closed
Closed
@Flydiverny
Copy link
Member

Flydiverny commented Nov 9, 2019
edited
Loading

Setting secret annotations are now supported through template in 2.1.0

apiVersion: kubernetes-client.io/v1
kind: ExternalSecret
metadata:
  name: test
spec:
  backendType: systemManager
  template:
    metadata:
      annotations:
        my-annotation: "hello world"# <--
  data:
  - key: /test/test
    name: test-test

which should give you a secret like:

apiVersion: v1
kind: Secret
metadata:
  name: test
  annotations:
    my-annotation: "hello world" # <--
data:
  test-test: dGVzdA==
type: Opaque

@snyk-bot snyk-bot mentioned this issue Jan 20, 2021
Open
@KevinBonilla KevinBonilla mentioned this issue Dec 7, 2022
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Support for Annotations
feat: adding annotations support
2 participants
@Flydiverny @cabrinha