Feature: Use ownerReference on secrets #45
Comments
|
Just found out that Which brings up a question, why is the CRD namespaced? All other Kubernetes resources that have the Cluster- prefix are cluster-scoped instead of namespace-scoped. Was this a conscious decision? |
|
Hi Jillie |
|
Hmm this made me think. Pro namespace-scoped:
Pro cluster-scoped:
Yea the security functionality vs conventions is an obvious win to the former. (Maybe a name such as However the namespace-scoped RBAC use case should probably be documented, as I could assume an easy misconfiguration would be to have 1 global ClusterSecret operator, but then try to lock down creation of ClusterSecret CR to the namespaces. The ClusterSecret could then be used to steal secrets from other namespaces you otherwise wouldn't have access to. Having multiple operators running is clunky, but it's as far as I can tell the only option for such a usecase. Would need some way to not make multiple operators step on each other's toes then as well though. Tricky topic! |
By setting
ownerReferenceon the secrets pointing to the source ClusterSecret Custom Resource adds a coupling that is both useful when just looking at the YAML of a secret, as well as then the operator could offload the deletion of secrets when the parent ClusterSecret is removed to the kubernetes built-in APIs.The
ownerReferencefield can also be added on existing objects, so the secrets wont have to be recreated when adding this feature, only updated.The text was updated successfully, but these errors were encountered: