-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bug: unable to rerun gen-secrets job #685
Comments
This is indeed an expected behaviour. This job only runs once and would not overwrite secrets again. |
Thanks for confirming @wasaga! I am closing this issue. |
For anyone coming across this issue, I am just manually deleting the secret using |
What happened?
It seems like this isn't a way to have the job that generates the secrets run again and overwrite the existing secret:
As I was digging around to see if there was a flag for this, I found that it should probably just work per: https://github.com/pomerium/ingress-controller/blob/main/deployment.yaml#L227
What did you expect to happen?
I was expecting the job that bootstraps secrets to just overwrite the existing secret. I also was expecting some breakage may occur where I have to restart pods after the generation of new secrets.
How'd it happen?
What's your environment like?
docker pull pomerium/ingress-controller:sha-dd49d67
What's your config.yaml?
I have a very basic installation that leverages your kustomize file. The only thing missing in this file is the override I pass in to use
sha-dd49d67
:I tried digging up the config but i'm unclear on where the default config is stored in
pomerium/ingress-controller:sha-dd49d67
What did you see in the logs?
Additional context
Per: #477 this may also be the expected behavior as it was only intended to run once. So perhaps rotation isn't an option unless i manually delete the secret first?
The text was updated successfully, but these errors were encountered: