You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The mutateContainer hook skips mutation if no environment variables are set with a secret reference:
// Ignore if there are no berglas references in the container.if!m.hasBerglasReferences(c.Env) {
returnc, false
}
However, environment variables can also be defined from configmaps, such as:
envFrom:
- configMapRef:
name: config-map-name
If there is a single env entry with the sm:// prefix, the container will be mutated and the configmap variables will be resolved with berglas exec at runtime. This behavior for configMapRef variables changes when the unrelated env variables are removed.
Ideally, hasBerglasReferences would be run on all env variables that the container will use, rather than just those explicitly defined in the env section of the deployment.
The text was updated successfully, but these errors were encountered:
The mutateContainer hook skips mutation if no environment variables are set with a secret reference:
However, environment variables can also be defined from configmaps, such as:
If there is a single
enventry with thesm://prefix, the container will be mutated and the configmap variables will be resolved withberglas execat runtime. This behavior forconfigMapRefvariables changes when the unrelatedenvvariables are removed.Ideally,
hasBerglasReferenceswould be run on all env variables that the container will use, rather than just those explicitly defined in theenvsection of the deployment.The text was updated successfully, but these errors were encountered: