Skip to content

feat: Update existing SDK environment variables #1476

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

feat: Update existing SDK environment variables #1476

wants to merge 2 commits into from

Conversation

masinger
Copy link

This enables processing of already admitted and modified containers. This might occur since the reinvocationPolicy has been set to IfNeeded #749.

Reason for Change:
Not updating existing environment variables might result in a situation where the wrong credentials are projected into the container, whenever another admission plugin modifies the serviceAccountName.

Requirements

  • squashed commits
  • included documentation
  • added unit tests and e2e tests (if applicable).

Issue Fixed:
Fixes #1475

Please answer the following questions with yes/no:

Does this change contain code from or inspired by another project?

  • no

If so, did you notify the maintainers and provide attribution?
not relevant

@masinger
feat: Also update existing SDK environment variables
3244ad2 
This enables processing of already admitted and modified containers.
This might occur since the reinvocationPolicy has been set to `IfNeeded` (see Azure#794).

Failing to do so might result in a situation
where the wrong credentials are projected into the container,
if another admission plugin modifies the `serviceAccountName`.
@masinger masinger requested review from aramase and enj as code owners October 21, 2024 15:15
@masinger
Copy link
Author

@microsoft-github-policy-service agree company="lise GmbH"

@enj
Copy link
Member

enj commented Apr 22, 2025

I am skeptical that is makes sense to support admission plugins that mutate serviceAccountName 🤔 @aramase WDYT?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aramase aramase Awaiting requested review from aramase aramase is a code owner

@enj enj Awaiting requested review from enj enj is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Service credentials are not updated on reinvocation after another admission plugin modified the service account

2 participants

@masinger @enj