Add checksum annotation for secrets rendering #22449
Conversation
Signed-off-by: Todd Lyons <[email protected]>
helm-bot
added
Contribution Allowed
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: mrballcb The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
needs-ok-to-test
|
Hi @mrballcb. Thanks for your PR. I'm waiting for a helm member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Signed-off-by: Todd Lyons <[email protected]>
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Any further update will cause the issue/pull request to no longer be considered stale. Thank you for your contributions. |
stale
bot
added
the
lifecycle/stale
Is this a new chart
NO
What this PR does / why we need it:
Adds a "checksum/secrets" checksum annotation to the deployment.
We do daily scheduled deployments to refresh short lived AWS keys. The helm
chart stores AWS keys as kube secrets. When nothing else changes but the AWS keys,
the deployment is not perceived as changed, no new replicaset gets created, and no
pod restart occurs.
Which issue this PR fixes
Special notes for your reviewer:
Checklist
[Place an '[x]' (no spaces) in all applicable fields. Please remove unrelated fields.]
[stable/mychartname])