kyma-incubator/terraform-provider-gardener

Move the secret binding to the shoot resource

a-thaler opened this issue · 3 comments

Description
With one provider definition, I want to deploy multiple Gardener clusters in the same project. As the secret binding is part of the provider definition, I'm forced to define multiple provider definitions in my manifest, which does not seem reasonable. Please move it to the shoot resource as a standard configuration option.

The profile attribute can even be derived from the kubeconfig itself and might be removed.

Reasons
We should be as close as possible to the original Gardener shoot definition and not block usage scenarios without reason (managing multiple clusters, each with different secrets, in one manifest).

You only need to define multiple providers if you have two secrets for the same infrastructure type, which doesn't happen that often, and I think it's more convenient to have the secrets set once and used multiple times, since it's usually the same secret binding used per infrastructure type.

Or you want to manage clusters across different cloud provider projects, or even across different cloud providers.

However, the main argument is to be closer to the Gardener API.

Added to the resource schema as part of the schema change.