Moritz Johner

> I think that the default should continue to be distroless as before, we just want another image built that we could use it to replace the default... Agreed! >...

> Where should that tagging be done? I would first try to bake that into the `Makefile`, if that gets to complex/ugly i'd factor out a shell script that does...

Hey @abrarcv170 :wave:! The point is to manage the lifecycle of secrets that live outside Kubernetes: get them into the cluster so apps can consume them and keep them up...

Related on that topic: When using `Kind=ServiceMonitor` a user can drop metrics that he/she isn't interested in. Had the issue last week with high cardinality labels. Here's an example, if...

Thanks for writing this up, i noticed that bug, too! This is an issue with `experimental-enable-aws-session-cache` which is not concurrency safe.

I've restructured the docs in #1539 (to be merged) and added a section for CLI args here: https://github.com/external-secrets/external-secrets/pull/1539/files#diff-f7b862349bfea07473d1d9f4904410fc6f36309d1d26704fcaa59c347f250430 So it will be there soon :tm:

I don't quite understand your request. Do i understand it correctly that you're trying to figure out an authentication method to retrieve secrets from vault? Further, you're concern is mostly...

> [...] to see if we can find a way to store that token in a secret repo to use that for authentication. There is no way of "hiding" that...

Hey, you should be able to use `toYaml` / `fromYaml` template functions, [see docs](https://external-secrets.io/v0.5.9/guides-templating/#helper-functions). This allows you to decode the yaml string into a `map[string]interface{}` and then you can access...

Hey, here's a full example: ```yaml apiVersion: external-secrets.io/v1beta1 kind: ClusterSecretStore metadata: name: fake spec: provider: fake: data: - key: "/foo/bar" value: | foo: bar baz: bang bazing: bong: shring version:...