Run Secret Reconcile on more than just secrets being updated in Bitwarden #62
Comments
|
Ive done some thinking, and think at minimum there also needs to be a force-reconcile timeout so that every so often (IE once per day) all values are verified to make sure nothing extraneous is present on the secret regardless, and nothing is missing. This should probably happen on boot as well. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I believe there are a few situations in which the operator will not actually update the secrets and re-sync everything, as currently it appears that it will only sync if PullSecretManagerSecretDeltas returns true for refresh, logging a skip otherwise.
If the k8s secret is updated by hand on accident, or the BitwardenSecret object is updated for example (adding or deleting a secret), it is possible that the secrets will not be updated to rectify this situation. (this is a more generic form of #59 )
The text was updated successfully, but these errors were encountered: