You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am experimenting with flux but am concerned with the flexibility of applying to remote clusters.
I have a multi-tenant admin configuration cluster where my Flux objects live and a multi-tenant workload cluster where workloads actually run. I am currently deploying via a HelmRelease per remote workload cluster, and I create a kubeconfig secret to contain the credentials to apply to the remote cluster.
However, this isn't very easy since HelmReleases cant seem to reference secrets in another namespace. Therefore, I need to create multiple secrets for each helmrelease namespace which is pretty complicated. It would be great if the helm controller could:
Use Workload Identity like some of the other flux components for pulling OCI repositories (the Providerfield
Specify a central secret used to deploy to remote clusters
With guidance, I would be willing to submit a PR to add this feature.
The text was updated successfully, but these errors were encountered:
When Kubernetes will allow a Deployment to refer to Secrets from another namespace, then we'll consider allowing it in Flux too. I doubt this will ever happen upstream as it break namespace isolation and RBAC.
I am experimenting with flux but am concerned with the flexibility of applying to remote clusters.
I have a multi-tenant admin configuration cluster where my Flux objects live and a multi-tenant workload cluster where workloads actually run. I am currently deploying via a HelmRelease per remote workload cluster, and I create a kubeconfig secret to contain the credentials to apply to the remote cluster.
However, this isn't very easy since HelmReleases cant seem to reference secrets in another namespace. Therefore, I need to create multiple secrets for each helmrelease namespace which is pretty complicated. It would be great if the helm controller could:
Provider
fieldWith guidance, I would be willing to submit a PR to add this feature.
The text was updated successfully, but these errors were encountered: