Skip to content

ReferenceGrant from Gateway to SecretObjectReference #694

New issue
New issue
Closed
#791
Closed
ReferenceGrant from Gateway to SecretObjectReference#694
#791
Assignees
kate-osborn
Labels
enhancementNew feature or requestrefinedRequirements are refined and the issue is ready to be implemented.
Milestone
 
v0.5.0
@mpstefan

Description

@mpstefan
mpstefan
opened on May 30, 2023

As a user of NKG
I want to allow my Gateway object to reference secrets in another namespace via a ReferenceGrant
So that I do not have to duplicate secrets and maintain them in multiple places.

Acceptance

  • When a secret is referenced in a Gateway Listener that does not have a corresponding ReferenceGrant, the status of that Listener is set to ResolvedRefs/False/RefNotPermitted
  • When a valid ReferenceGrant is created or updated within a namespace that the NKG control plane watches, the Gateway specified is able to reference secrets in other namespaces NKG is present.
  • No secrets in other namespaces can be referenced by any Gateway that does not have a corresponding ReferenceGrant.
  • No information is ever exposed about resources in another namespace that do not have a valid ReferenceGrant.
  • Update the documentation
    • Update the compatibility doc
    • Add an example for how to reference a secret from another namespace in your Gateway config.

Metadata

Metadata

Assignees

Labels

enhancementNew feature or requestrefinedRequirements are refined and the issue is ready to be implemented.

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions