New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

whitelist certs that should never be removed #1

Open

diegodurante opened this issue May 27, 2021 · 1 comment

diegodurante commented May 27, 2021 •

edited

Loading

I am opening this as a "issue" but in reality is a little suggestion that maybe can be helpful.

Regarding this TO-DO:

k8s-scripts/clean-orphaned-secrets-cert-manager/clean-orphans.sh

Line 12 in d294cf9

    
           # TODO: whitelist certs that should never be removed? i.e. default le-cert? For now we'll just prompt before deleting to be safe

Here is how I am managing it adding some code from line 32:

...

# Remove from array special secrets
SPECIALS=(one-special-tls other-special-tls)
for special in "${SPECIALS[@]}"; do
  for i in "${!ORPHANS[@]}"; do
    if [[ ${ORPHANS[i]} = $special ]]; then
      unset 'ORPHANS[i]'
    fi
  done
done

...

😉

Owner

richstokes commented May 27, 2021

Appreciate the info! If you like, feel free to open a PR and include those. I don't do much with K8s currently so this has gone a bit stale :-)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment