-
Notifications
You must be signed in to change notification settings - Fork 12
AM0014 [DISABLED]
NOTICE: This validator has been disabled and is only documented here for historical purposes.
1. secrets
in addon.yaml doesn't exist in app-interface's saas-mt-SelectorSyncSet.yaml
# addon.yaml
secrets:
- name: secret-one
type: Opaque
vaultPath: mtsre/quay/osd-addons/secrets/random-operator-1/secret-one
- name: secret-two
type: kubernetes.io/dockerconfigjson
vaultPath: mtsre/quay/osd-addons/secrets/random-operator-1/secret-two
# saas-mt-SelectorSyncSet.yaml
...
secretParametes:
- name: secret-four
secret:
path: mtsre/quay/osd-addons/secrets/random-operator-23/secret-four
field: db.endpoint
- name: secret-seven
secret:
path: mtsre/quay/osd-addons/secrets/random-operator-7/secret-seven
field: res.url
...
For the parameters in SSS (kind: Template) to be successfully populated, all secrets defined in addon.yaml should be present in the SaaS file.
2. secret[*].vaultPath
in addon.yaml doesn't match secretParameters[*].secret.path
# addon.yaml
secrets:
- name: secret-two
type: kubernetes.io/dockerconfigjson
vaultPath: mtsre/quay/osd-addons/secrets/random-operator-1/secret-two
# saas-mt-SelectorSyncSet.yaml
...
secretParametes:
- name: secret-two
secret:
path: mtsre/quay/osd-addons/secrets/random-operator-3/random-path
field: db.endpoint
- name: secret-seven
secret:
path: mtsre/quay/osd-addons/secrets/random-operator-7/secret-seven
field: res.url
...
The vaultPath
of secret-two
in addon.yaml
does not match the path
provided in secretParameters
of saas-mt-SelectorSyncSet.yaml
.
1. All the secrets
in addon.yaml
should be present in secretParameters
of app-interface's saas-mt-SelectorSyncSet.yaml
and all the vaultPaths of each of the secrets
in addon.yaml
should match the corresponding paths of secrets in secretParameters
.
# addon.yaml
secrets:
- name: secret-one
type: Opaque
vaultPath: mtsre/quay/osd-addons/secrets/random-operator-1/secret-one
- name: secret-two
type: kubernetes.io/dockerconfigjson
vaultPath: mtsre/quay/osd-addons/secrets/random-operator-1/secret-two
# saas-mt-SelectorSyncSet.yaml
...
secretParametes:
- name: secret-one
secret:
path: mtsre/quay/osd-addons/secrets/random-operator-1/secret-one
field: db.endpoint
- name: secret-two
secret:
path: mtsre/quay/osd-addons/secrets/random-operator-1/secret-two
field: res.url
...
- All
secrets
ofaddon.yaml
are present insecretParameters
ofsaas-mt-SelectorSyncSet.yaml
- vaultPaths of each of the
secrets
ofaddon.yaml
match with correspondingsecretParameters
insaas-mt-SelectorSyncSet.yaml