Skip to content

Keep secrets in the controller namespace for AWSClusterStaticIdentity #2400

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
sedefsavas opened this issue May 12, 2021 · 1 comment · Fixed by #2425
Closed

Keep secrets in the controller namespace for AWSClusterStaticIdentity #2400

sedefsavas opened this issue May 12, 2021 · 1 comment · Fixed by #2425
Assignees
@sedefsavas
Labels
kind/backport Issues or PRs requiring backports
Milestone
v0.7.0

Comments

@sedefsavas
Copy link
Contributor

We currently read secrets from all namespaces for AWSClusterStaticIdentity SecretRef field, but following the discussions here: kubernetes-sigs/cluster-api#4514 and in the May 12th cluster-api office hours, we want to allow using secrets from only in the controller-namespace for Cluster-scoped resources such as AWSClusterStaticIdentity.

This will also make it easier for clusterctl move operation, so that it does not have to look for secrets in all namespaces.

/milestone v0.7.0
/kind backport
/assign
@k8s-ci-robot k8s-ci-robot added this to the v0.7.0 milestone May 12, 2021
@k8s-ci-robot k8s-ci-robot added the kind/backport Issues or PRs requiring backports label May 12, 2021
@sedefsavas
Copy link
Contributor Author

clusterctl issue: kubernetes-sigs/cluster-api#4598

@sedefsavas sedefsavas mentioned this issue May 24, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sedefsavas sedefsavas

Labels
kind/backport Issues or PRs requiring backports
Projects
None yet
Milestone
v0.7.0
2 participants
@k8s-ci-robot @sedefsavas