-
Notifications
You must be signed in to change notification settings - Fork 4.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support replacing kops secrets via force flag #3899
Support replacing kops secrets via force flag #3899
Conversation
/assign @chrislovecnm @justinsb What do you think, is this new behaviour ok or would you see it implemented differently? Example usage:
|
@@ -221,5 +236,8 @@ func (c *ClientsetSecretStore) createSecret(s *fi.Secret, name string) (*kops.Ke | |||
PrivateMaterial: s.Data, | |||
}) | |||
|
|||
if replace { | |||
return c.clientset.Keysets(c.namespace).Update(keyset) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Challenge here:I think Update fails if the secret doesn't exist. You would have to read it first.
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: justinsb The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
/test all [submit-queue is verifying that this PR is safe to merge] |
Opened #3902 to track that maybe-issue |
Automatic merge from submit-queue. |
--force
flag when creatingencryptionconfig
ordockerconfig
secrets, so they can be replaced if they already exist.