I am trying to develop a simple controller using the client-go
library.
There is a requirement that each time a secret and/or a ConfigMap is updated on my cluster, I perform a specific action on the objects using those Secrets / ConfigMaps.
I know how to watch for changes on specific objects using informers.
My question is whether it is feasible, by getting access to a Secret / ConfigMap to automatically list the objects (deployments, jobs, etc) that use them.
I don't think there's a way to list all dependent objects of an object automatically in the manner you're describing.
However, you could have a controller that watches your objects of interest (e.g. deployments, jobs, etc.) and updates the metadata.ownerReferences
of your secrets and configmaps with those objects that intends to use them.
While this is commonly done for GC purposes, these objects would then be "listed" when you do a kubectl describe
on your secret or configmap.
metadata.ownerReferences
List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.
OwnerReference contains enough information to let you identify an owning object. An owning object must be in the same namespace as the dependent, or be cluster-scoped, so there is no namespace field.
Source