Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add custom secret label and annotation options to chart #287

Merged
merged 2 commits into from
Apr 27, 2023
Merged

feat: add custom secret label and annotation options to chart #287

merged 2 commits into from
Apr 27, 2023

Conversation

toVersus
Copy link
Contributor

@toVersus toVersus commented Apr 7, 2022

This is a relatively small change and motivation is same as #280, so directly create a PR.

What was changed

This PR adds the ability to set custom labels and annotations to the secret resources. It only supports cluster level configuration knob, so users cannot add component level extra labels and annotations to the secret resources.

Why?

In our case, we inject sensitive data (e.g. database password) from remote secret store (e.g. GCP Secret Manager) using mutating admission webhook, and adding labels to tell our custom admission webhook to inject sensitive data or not. Other common use-case might be adding annotations to the secret resources and mutate them by Vault Agent Injector. I'm not sure there are some use-cases to require component level labels and annotations, so just add cluster level options.

Checklist

  1. How was this tested:
    I ran this PR through helm template temporal -n temporal -f values.yaml . and confirmed no change to the output from previous, then added some label and annotation key:value pairs and confirmed the appeared in the correct places in the YAML.

  2. Any docs updates needed?
    No. The existing custom pod level labels and annotations functionality is also undocumented.

mindaugasrukas
mindaugasrukas approved these changes Apr 26, 2023
View reviewed changes
Copy link
Contributor

@mindaugasrukas mindaugasrukas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@mindaugasrukas mindaugasrukas merged commit a215ce4 into temporalio:master Apr 27, 2023
1 check passed
@toVersus toVersus deleted the feat/add-extra-secret-metadata branch April 27, 2023 23:07
omerosaienni pushed a commit to vhadianto/temporal-helm-charts that referenced this pull request Jan 19, 2024
@toVersus @mindaugasrukas @omerosaienni
feat: add custom secret label and annotation options to chart (tempor…
8769557 
…alio#287)

Co-authored-by: Mind.R <3825716+mindaugasrukas@users.noreply.github.com>
omerosaienni pushed a commit to vhadianto/temporal-helm-charts that referenced this pull request Jan 19, 2024
@toVersus @mindaugasrukas @omerosaienni
feat: add custom secret label and annotation options to chart (tempor…
f01a0cf 
…alio#287)

Co-authored-by: Mind.R <3825716+mindaugasrukas@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@underrun underrun underrun approved these changes

@mindaugasrukas mindaugasrukas mindaugasrukas approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@toVersus @underrun @mindaugasrukas