Lifecycle management for ExternalSecrets#16
Conversation
sabre1041
force-pushed
the
externalsecrets-lifecycle
branch
from
d10c38f to
ed6ffb9
Compare
sabre1041
force-pushed
the
externalsecrets-lifecycle
branch
from
ed6ffb9 to
ad39ae0
Compare
minmzzhang
left a comment
minmzzhang
left a comment
There was a problem hiding this comment.
Overall I like this lifecycle management implementation. Just one thing to consider, shall we use a _helper.tpl to extract the repetitive blocks for each template?
| refreshPolicy: Periodic | ||
| annotations: {} | ||
| labels: {} | ||
| adminUser: |
There was a problem hiding this comment.
is it keycloak admin user? is it possible to add comments here referencing back to the templates?
| adminUser: | ||
| creationPolicy: Owner | ||
| deletionPolicy: Retain | ||
| refreshPolicy: Periodic |
There was a problem hiding this comment.
since we specified the refreshPolicy as Periodic, do we want to add the refreshInterval as configurable?
sabre1041
force-pushed
the
externalsecrets-lifecycle
branch
2 times, most recently
from
2227aa6 to
c3fc675
Compare
Added as per suggestion |
|
LGTM! |
|
@minmzzhang found an issue with this PR. Will request another review soon |
sabre1041
force-pushed
the
externalsecrets-lifecycle
branch
from
c3fc675 to
425b602
Compare
sabre1041
force-pushed
the
externalsecrets-lifecycle
branch
from
425b602 to
ba8576f
Compare
|
@minmzzhang This is once again ready for review. My latest tests were performed using the RH ESO as part of validatedpatterns/layered-zero-trust#123. The functionality that we have been desiring was achieved |
| labels: {} | ||
| oidcClientSecret: | ||
| annotations: {} | ||
| labels: {} |
There was a problem hiding this comment.
Are the annotations and labels referenced anywhere? Do we want to update this one to the same as majority of other keys:
metadata: {}
targetMetadata: {}
| #refreshInterval: 1h | ||
| postgresqlDb: | ||
| annotations: {} | ||
| labels: {} |
There was a problem hiding this comment.
Are the annotations and labels referenced anywhere? Do we want to update this one to the same as majority of other keys:
metadata: {}
targetMetadata: {}
| #refreshInterval: 1h | ||
| rhtpa: | ||
| annotations: {} | ||
| labels: {} |
There was a problem hiding this comment.
Are the annotations and labels referenced anywhere? Do we want to update this one to the same as majority of other keys:
metadata: {}
targetMetadata: {}
There was a problem hiding this comment.
removed older values and replaced with metadata: {} and labels: {}
| #deletionPolicy: Retain | ||
| #refreshPolicy: Periodic | ||
| #refreshInterval: 1h | ||
| labels: {} |
There was a problem hiding this comment.
Is this key labels still needed?
Signed-off-by: Andrew Block <andy.block@gmail.com>
sabre1041
force-pushed
the
externalsecrets-lifecycle
branch
from
ba8576f to
b953546
Compare
Good callout. Made appropriate adjustments |
2 participants
Lifecycle management for ExternalSecrets