feat: implement secret adoption #633
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
olevski
previously approved these changes
Jul 16, 2024
Comment on lines
+235
to
+255
| func (cr *AmaltheaSession) AllSecrets() v1.SecretList { | ||
| secrets := v1.SecretList{} | ||
|
|
||
| if cr.Spec.Ingress != nil && cr.Spec.Ingress.TLSSecretName != nil { | ||
| secrets.Items = append(secrets.Items, v1.Secret{ | ||
| ObjectMeta: metav1.ObjectMeta{ | ||
| Namespace: cr.Namespace, | ||
| Name: *cr.Spec.Ingress.TLSSecretName, | ||
| }, | ||
| }) | ||
| } | ||
|
|
||
| return secrets | ||
| } |
There was a problem hiding this comment.
There could be more.
I looked around and there is:
- CloningConfigSecretRef
- ConfigSecretRef
- For data sources there could be a secret too
But it is all the same to me we can add these in when we add the functionality for cloning code and data sources. Whatever you prefer.
There was a problem hiding this comment.
There's also the authentication related secret however I was thinking about adding them while we are implementing the corresponding features so that if for some reason we change the definition we don't have to change the code as well.
If an AmaltheaSession adopts the secrets used for its functionality, they will be deleted when the same happens to the CRD.
This allows to keep all the code related the CRD in one place. Currently only the Ingress is concerned but later on, the Authentication, Project and Storage objects will also be concerned.
sgaist
force-pushed
the
feature/secrets-adoption
branch
from
a756faf to
c911864
Compare
|
@olevski I've added the RBAC directly so we don't have to do it later. |
olevski
approved these changes
Jul 16, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Describe your changes
This PR implements secrets adoption where secrets used for AmaltheaSession will get deleted when the session itself is deleted.
Following discussion, the method selected is through a finalizer.
Issue ticket number and link
Closes #632
Part of SwissDataScienceCenter/renku#3679