Explicit secret in Smith should not merge keys

Question

Explicit secret in Smith should not merge keys

Closed this issue 7 years ago · 0 comments

If you define an explicit secret in the bundle such as:

 - name: b
    spec:
      object:
        metadata:
          name: b
        apiVersion: v1
        kind: Secret
        stringData:
          mysecret2: notreallysecret

It updates the existing secret (i.e. leaving earlier keys there) due to kubernetes compatible processing of stringData. This means on resource renames etc. old data is left around. Suggest that we make stringData do a complete replacement rather than an update, given that Smith has different requirements than raw kube.

Given that the usage of explicit secrets is minimal, and this is less of an issue with generated secrets, this is probably low-priority.