Secrets-Operator: Secrets-deletion does not work when deleting one of managedKubeSecretReferences #4599
Description
Describe the bug
We're using Infisical Secrets-Operator to load the Secrets into Kubernetes using the CRD InfisicalSecret.
When using the creationPolicy: Owner for the managedKubeSecretReferences the managed Secrets should be deleted, when the InfisicalSecret is deleted/updated.
This works fine as long as the whole InfisicalSecret is deleted. But when managing multiple Secrets with a single InfisicalSecret, removing one item from the Array does not remove the respective Secret.
To Reproduce
Steps to reproduce the behavior:
-
In Infisical, create two Secrets
SECRET1andSECRET2. -
Create an InfisicalSecret according to the following YAML-Manifest (replacing the
<PLACEHOLDER>'s with your authentication credentials):apiVersion: secrets.infisical.com/v1alpha1 kind: InfisicalSecret metadata: name: test-secret namespace: infisical-secrets spec: authentication: <PLACEHOLDER> hostAPI: <PLACEHOLDER> managedKubeSecretReferences: - creationPolicy: Owner secretName: secret1 secretNamespace: infisical-secrets secretType: Opaque template: data: secret1.yml: '{{ .SECRET1.Value }}' - creationPolicy: Owner secretName: secret2 secretNamespace: infisical-secrets secretType: Opaque template: data: secret2.yml: '{{ .SECRET2.Value }}' resyncInterval: 60 -
Ensure that two secrets
secret1andsecret2have been created -
Remove the item for
secretName: secret1fromspec.managedKubeSecretReferences -
Confirm that both Secrets
secret1andsecret2are still existing, althoughsecret1should have been deleted.
Expected behavior
If one item in spec.managedKubeSecretReferences is deleted, the respective Secret should be deleted.
Platform you are having the issue on:
- Kubernetes
v1.29.12 - Infisical Secrets-Operator Version
0.10.9