kubernetes-operator icon indicating copy to clipboard operation
kubernetes-operator copied to clipboard
verified publisher icon DopplerHQ

Add support for labels in managed secrets

Open tommatime opened this issue 1 year ago • 3 comments

This adds the ability to specify labels to be synced to the managed secret. There is currently no way to ensure a label is added to the managed secret which is required, for example, to set the secret-type for ArgoCD resources. If omitted, the existing "secrets.doppler.com/subtype": "dopplerSecret" label is applied to the managed Secret. If labels are included, the existing subtype label will be appended to the user-supplied labels to ensure it is not overwritten.

Syntax:

apiVersion: secrets.doppler.com/v1alpha1
kind: DopplerSecret
metadata:
  name: dopplersecret-test
  namespace: doppler-operator-system
spec:
  tokenSecret:
    name: doppler-token-secret
  managedSecret:
    name: doppler-test-secret
    namespace: default
    labels:
      doppler-secret-label: test

Fixes #64

tommatime avatar Aug 13 '24 02:08 tommatime

This is my first contribution to this project (and my first OSS contribution in general :partying_face: ), so please let me know if any additional updates or documentation changes are necessary.

A comment on the original issue also requests support for annotations on the managed secret. This should be very similar to labels, so let me know if this functionality is desired and I can add that to this PR as well.

Thanks!

tommatime avatar Aug 13 '24 02:08 tommatime

Thanks so much for your submission, @tommatime! And congrats on your first OSS contribution! 🎉

We'll take a look at this PR and get back to you with feedback shortly.

nmanoogian avatar Aug 13 '24 14:08 nmanoogian

This is great, what do we need to get this over the finish line? This would be such a nice feature.

srevinsaju avatar Feb 18 '25 05:02 srevinsaju

I was just looking for this... looks like I need to use ESO for now?

Q-efx avatar Apr 27 '25 18:04 Q-efx

Agree with the above sentiments; this is required for feeding argocd labels.

@nmanoogian This looks pretty much ready to ship for just the labels implementation if the annotation refactor was agreed to be done later; are there any particular concerns? We can probably pick this up and get it over the line if @tommatime is no longer able to work on it.

dwilliams782 avatar May 09 '25 10:05 dwilliams782

Yep, great points and sorry again for the delay. I went ahead and applied my feedback on another branch, along with the changes to add support for annotations. I'll close this PR in favor of https://github.com/DopplerHQ/kubernetes-operator/pull/84

nmanoogian avatar May 09 '25 18:05 nmanoogian