Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

https://github.com/chuck/mysql had been deleted #1641

Closed
wants to merge 1 commit into from
Closed

https://github.com/chuck/mysql had been deleted #1641

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
9 changes: 0 additions & 9 deletions keps/sig-cli/kustomize-exec-secret-generator.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -65,15 +65,6 @@ Example goal to enable:
and be capable of pulling Secrets from remote locations
- Alice writes her kustomization.yaml to use the generation options configured by her organization.

Example exploit to avoid:

- Alice wants to run a whitebox mysql instance on a test cluster
- Chuck publishes a whitebox mysql `kustomization.yaml` on GitHub, with a SecretGenerator
that will read Alice's ~/.kube/config and send it to Chuck's server by executing `sh`
will run a script to generate some Secret
- Alice runs `kubectl apply -k https://github.com/chuck/mysql` and has the credentials
of all of her Kubernetes clusters sent to Chuck when the Secret is generated.

See [kubernetes-sigs/kustomize#692](https://github.com/kubernetes-sigs/kustomize/issues/692) for more details.

## Motivation
Expand Down