Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEAT] - Remove kubeconfig key from KubeConfig Secrets #702

Open
2 tasks
IvoGoman opened this issue Nov 6, 2024 · 0 comments
Open
2 tasks

[FEAT] - Remove kubeconfig key from KubeConfig Secrets #702

IvoGoman opened this issue Nov 6, 2024 · 0 comments
Labels
feature

Comments

@IvoGoman
Copy link
Contributor

IvoGoman commented Nov 6, 2024

Priority

(Medium) I'm annoyed but I'll live

User Story

No response

Description

When onboarding a Cluster a Secret with the kubeconfig is created. Once the cluster bootstrap is done, the Secret will have the greenhousekubeconfig key containing the KubeConfig with the token for the ServiceAccount used to access the cluster.

Greenhouse will always use the KubeConfig with the ServiceAccount token after the cluster was successfully bootstrapped. In order to avoid having a potentially personal admin KubeConfig in the secret, the key should be removed.
When re onboarding a Cluster via greenhousectl both keys in the secret are overwritten with a user provided kubeconfig. This KubeConfig is then reconciled by the Cluster controller.

Acceptance Criteria

  • After successfully bootstrapping the Cluster the kubeconfig key is removed
  • greenhousectl updates the greenhousekubeconfig key when re onboarding a Cluster

Reference Issues

No response
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature
Projects
Greenhouse Core Roadmap
Status: Sprint Backlog
Milestone
No milestone
Development

No branches or pull requests
1 participant
@IvoGoman