GitHub - araminian/vcluster-secret-syncer: A VCluster Plugin to Sync Any Desired Secret to Any VCluster Namespace

Secret Syncer VCluster Plugin

This plugin is used to sync desired secrets from host cluster to vcluster. The secrets are synced from the namespace whene vcluster is installed into.

How to Install Plugin

To use the plugin, create or update vluster using plugin.yaml file. The plugin.yaml file is used to confgiure vlcuster to use Secret Syncer plugin.

vcluster create my-vcluster -n ssyncer -f https://raw.githubusercontent.com/araminian/vcluster-secret-syncer/main/plugin.yaml

This command will create a vcluster named my-vcluster in namespace ssyncer and will use Secret Syncer plugin to sync desired secrets from host cluster to vcluster.

How to Use Plugin

To sync any secrets from vcluster host namespace to any namespace in vcluster, we are using following annotations which both are required.

    "secret-syncer.cloudarmin.me/enabled": "true"
    "secret-syncer.cloudarmin.me/destination-namespace": ""

The secret-syncer.cloudarmin.me/enabled annotation is used to let Secret Syncer plugin know that this secret should be synced to vcluster.

The secret-syncer.cloudarmin.me/destination-namespace annotation is used to specify the namespace in vcluster that the secret should be synced to.

Example: Syncing Secret to `default` Namespace in `vcluster`

apiVersion: v1
kind: Secret
metadata:
  name: mysecret
  namespace: ssyncer # vcluster host namespace
  annotations:
    # Enable sync for this secret
    "secret-syncer.cloudarmin.me/enabled": "true"
    # Secret will be synced to `default` namespace in `vcluster`
    "secret-syncer.cloudarmin.me/destination-namespace": "default"
type: Opaque
data:
  username: YWRtaW4=
  password: YXJtaW4=

Example: Syncing Secret to `my-namespace` Namespace in `vcluster` Which Not Exists

In this example my-namespace namespace does not exists in vcluster. In this scenario Secret Syncer can't sync the secret since the destination namesapce does not exists.

This secret marked as failed and Secret Syncer will retry to sync this secret every 30s. Once the my-namespace namespace created in vcluster, Secret Syncer will sync the secret to my-namespace namespace.

apiVersion: v1
kind: Secret
metadata:
  name: mysecret
  namespace: ssyncer # vcluster host namespace
  annotations:
    # Enable sync for this secret
    "secret-syncer.cloudarmin.me/enabled": "true"
    # Secret will be synced to `my-namesapce` namespace in `vcluster`
    "secret-syncer.cloudarmin.me/destination-namespace": "my-namesapce"
type: Opaque
data:
  username: YWRtaW4=
  password: MWYyZDFlMmU2N2Rm

Name		Name	Last commit message	Last commit date
Latest commit History 12 Commits
constants		constants
example		example
syncers		syncers
.gitignore		.gitignore
Dockerfile		Dockerfile
Dockerfile.dev		Dockerfile.dev
README.md		README.md
devspace.yaml		devspace.yaml
devspace_start.sh		devspace_start.sh
go.mod		go.mod
go.sum		go.sum
main.go		main.go
plugin.yaml		plugin.yaml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

Secret Syncer VCluster Plugin

How to Install Plugin

How to Use Plugin

Example: Syncing Secret to `default` Namespace in `vcluster`

Example: Syncing Secret to `my-namespace` Namespace in `vcluster` Which Not Exists

About

Uh oh!

Releases

Packages

Uh oh!

Languages

araminian/vcluster-secret-syncer

Folders and files

Latest commit

History

Repository files navigation

Secret Syncer VCluster Plugin

How to Install Plugin

How to Use Plugin

Example: Syncing Secret to default Namespace in vcluster

Example: Syncing Secret to my-namespace Namespace in vcluster Which Not Exists

About

Topics

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Languages

Example: Syncing Secret to `default` Namespace in `vcluster`

Example: Syncing Secret to `my-namespace` Namespace in `vcluster` Which Not Exists

Packages