The primary purpose of this tool is to ease the every-day lives of developers and new-comers to Kubernetes. When you move to production, you can use something like Flux, Argo or Terraform (see appendix) for managing secrets across namespaces.
Disclaimer: see the license of this project before deploying or using it.
You can create a test cluster very quickly with something like KinD to try it out.
Backlog (done):
- Create secrets in each namespace at start-up
- Use a "seed" secret via an object reference
- Watch new namespaces and create new secrets
- Update the ImagePullSecret list for the default ServiceAccount in each namespace
- Add an exclude annotation for certain namespaces
alexellis.io/registry-creds.ignore - Add Docker image for
x86_64 - Test and update kustomize
- Add multi-arch Docker image for
x86_64and arm - Add one-liner with an arkade app -
arkade install registry-creds --username $DOCKER_USERNAME --password $PASSWORD -
Add helm chart- static manifest available instead - Use
apierrors.IsNotFound(err)everywhere instead of assuming an error means not found - Support additional ServiceAccounts beyond the
defaultaccount in each namespace
Todo:
- Remove pull secret reference from ServiceAccounts upon ClusterPullSecret deletion
- Propagate alterations/updates to the primary
ClusterPullSecretin each namespace when the secret value changes (the work-around is to delete and re-create the ClusterPullSecret)