Keep reconciling after initial Secret creation
michaelniemand opened this issue · 2 comments
Summary
After a secret has been initially created, the operator should keep reconciling to re-create a Secret if it has been deleted or changed
Use cases
The secret is always there and the app is kept in a workable state; even if someone deletes or manually changes the secret
Proposed solution
I am no programmer but there needs to be a loop that constantly reconciles onepassword items (desired state) and k8s secret objects (actual state)
Is there a workaround to accomplish this today?
delete and re-create the onepassword item
References & Prior Work
external-secrets does this
ok it seems the secret did get recreated 10 hours after deleting it
OP Item: lastTransitionTime: "2023-10-25T16:16:57Z"
Secret: creationTimestamp: "2023-10-26T06:14:34Z"
So the reconciliation period appears to be 10 hours? It would be great if that was configurable!
Have you checked the operator.pollingInterval parameter? The documentation is available here.
I encountered the same issue, but by reducing the polling interval, I noticed that my password changes take effect more quickly. I've opened an issue to propose adding information about this parameter to the documentation (#179 ).