create secret in a different namespace

When use 1password k8s connector and operator running in namespaceA, how do I map onepassworditem to secret in namespaceB in the same cluster.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:No 1Password Annotations found

Comments

  • James_1PJames_1P

    Team Member

    Hi!

    There are two requirements to have the operator running in one namespace but creating secrets in another namespace.

    First the operator needs to be configured to watch both namespaceA and namespaceB. If you deployed the operator with helm this can be done by providing a custom list to the operator.watchNamespace variable (more details). If you deployed the operator directly you can see the configuration docs for details on setting the WATCH_NAMESPACE variable.

    Once the operator is watching namespaceA and namespaceB you can create a secret in namespaceB by setting metadata.namespace on the OnePasswordItem CRD, or by annotating a deployment or pod in namespaceB with the operator.1password.io/item-path annotation.

  • For operator.watchNamespace do I add value as "ns1, ns2", or "[ns1, ns2]"? Thx!

  • James_1PJames_1P

    Team Member

    For operator.watchNamespace it is expecting an array so I beleive it is the latter, "[ns1, ns2]"

    You can also use a values.yaml file to store the configuration in a file with formatting like

    operator:
        watchNamespace:
            - ns1
            - ns2
    

    and then reference that file in your helm install command with -f values.yaml

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file