PushSecret doesn't create custom metadata in Vault. #3465
Description
Describe the bug
PushSecret doesn't create custom metadata in Vault.
To Reproduce
Steps to reproduce the behavior:
- I've created PushSecret for testing:
apiVersion: external-secrets.io/v1alpha1
kind: PushSecret
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"external-secrets.io/v1alpha1","kind":"PushSecret","metadata":{"annotations":{},"name":"pushsecret-example","namespace":"sre"},"spec":{"data":[{"match":{"remoteRef":{"property":"hello","remoteKey":"infra/test"},"secretKey":"secret"}}],"deletionPolicy":"Delete","refreshInterval":"10s","secretStoreRefs":[{"kind":"SecretStore","name":"vault-store-sre"}],"selector":{"secret":{"name":"example-push"}}}}
creationTimestamp: "2024-04-18T10:44:27Z"
finalizers:
- pushsecret.externalsecrets.io/finalizer
generation: 2
name: pushsecret-example
namespace: sre
resourceVersion: "143993421"
uid: 0360fbf8-5438-4dd9-9ee5-7f2053e59fb1
spec:
data:
- match:
remoteRef:
property: hello
remoteKey: infra/test
secretKey: secret
deletionPolicy: Delete
refreshInterval: 5s
secretStoreRefs:
- kind: SecretStore
name: vault-store-sre
selector:
secret:
name: example-push
SecretStore is working as expected and used policy have read-write access for metadata of given secret.
But PushSecret doesn't create custom "managed-by" metadata field and I've got an error "secret not managed by external-secrets" unless adding that field manually.
Expected behavior
PushSecret creates metadata field "managed-by"
Version
I use ESO v0.9.13 and k8s v1.27.3