Skip to content
kustomzie plugins
Go Makefile Dockerfile Shell
Branch: master
Clone or download
Latest commit 3b9bccb Nov 29, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
plugin/bitnami.com/v1alpha1/sealedsecrettransformer
scripts
test/app
transformerconfigs/bitnami.com/v1alpha1
.dockerignore
.gitignore
Dockerfile
LICENSE
Makefile
README.md
go.mod
go.sum

README.md

kustomize-plugins

docker

sealed secret transformer

This plugin was developed in aims to restart pods when sealed secret are modified. But this plugin won't work by default. Because sealed secret which metadata.name modified with name-${hash} cannot be decrypted bacause of the scope of sealed secret encryption. To make it work, you need to set sealed secret scope to namespace-wide. Before using this plugin, please consider the other options to restart pods when secret changed (e.g. https://github.com/stakater/Reloader).

more details about this.

prerequisites

  • go 1.13.4
  • kustomize 3.4.0
  • sealed secret 0.9.5

installation

$ git clone https://github.com/plaidev/kustomize-plugins.git
$ make setup
$ XDG_CONFIG_HOME=<PLUGIN_PATH> make build
# then sealed secret transformer plugin will be built in
# $XDG_CONFIG_HOME/kustomize/plugin/bitnami.com/v1alpha1/sealedsecrettransformer/SealedSecretTransformer.so

test

  • unit test: make unit-test
  • test: make test
You can’t perform that action at this time.