dashboard icon indicating copy to clipboard operation
dashboard copied to clipboard

Published 20 hours ago verified publisher icon gardener

`cloudprofile.garden.sapcloud.io/name` label should not be mandatory

Open ialidzhikov opened this issue 4 years ago • 11 comments

What would you like to be added: Currently the dashboard does not show Secrets under <host>/namespace/<namespace>/secrets/ when the SecretBinding does not have the cloudprofile.garden.sapcloud.io/name label.

From end user perspective it is not okay that you need to label the SecretBinding in order to be able to see it in the dashboard (and then edit it). I would expect to create a SecretBinding with any means and to be able to see it in the dashboard without applying additional labels. P.S. I also realise that the SecretBinding or Secret don't have a field that indicates the provider type which is required for the sorting by provider in the secrets page.

Steps to reproduce:

  1. Create Secret and SecretBinding that does not have this label
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: crazy-botany
  namespace: garden-foo
type: Opaque
data:
  # omitted
---
apiVersion: core.gardener.cloud/v1beta1
kind: SecretBinding
metadata:
  name:  crazy-botany
  namespace: garden-foo
secretRef:
  name: crazy-botany
  namespace: garden-foo
EOF
  1. Go to <host>/namespace/<namespace>/secrets/ and ensure that only SecretBindings that have the label are shown

ialidzhikov avatar Aug 17 '20 21:08 ialidzhikov

/area usability

ialidzhikov avatar Aug 17 '20 21:08 ialidzhikov

Hi @ialidzhikov, can you also explain why this is needed?

petersutter avatar Aug 18 '20 08:08 petersutter

Because you can create your SecretBinding with kubectl for example (or any other means != dashboard) (and for sure you won't apply the cloudprofile label) and then your Secret won't be visible in the dashbaord.

ialidzhikov avatar Aug 18 '20 09:08 ialidzhikov

  • a) Do you just want to have the secret visible on the secrets page (in a "Uncategorized" section or similar) and then be able to assgin it to a cloud profile via the dashboard?
  • b) Or do you want to have this secret visible on the secrets page in a sperate section AND be able to select this "generic" secret on the Create Cluster dialoag. As it is uncategorized it will be shown for all infrastructures and cloudprofiles
  • c) A combination of a) and b)
  • d) something different...

petersutter avatar Aug 18 '20 09:08 petersutter

@ialidzhikov can you give feedback so that we can decide how to proceed here?

grolu avatar Oct 06 '20 10:10 grolu

The Gardener project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed You can:
  • Mark this issue or PR as fresh with /remove-lifecycle rotten
  • Close this issue or PR with /close

/lifecycle rotten

gardener-ci-robot avatar Feb 09 '22 08:02 gardener-ci-robot

@gardener-ci-robot Command /add is not available to you but only to a Maintainer, Member, Author.

gardener-robot avatar Feb 09 '22 08:02 gardener-robot

Now there is also the .provider.type field in the SecretBinding resource. When displaying Secrets I would rather try to use this field instead of expecting/relying on cloudprofile.garden.sapcloud.io/name label.

ialidzhikov avatar Jun 26 '22 18:06 ialidzhikov