Retrieve objets using a specific secret / configmap via client-go library

12/28/2019

I am trying to develop a simple controller using the client-go library.

There is a requirement that each time a secret and/or a ConfigMap is updated on my cluster, I perform a specific action on the objects using those Secrets / ConfigMaps.

I know how to watch for changes on specific objects using informers.

My question is whether it is feasible, by getting access to a Secret / ConfigMap to automatically list the objects (deployments, jobs, etc) that use them.

-- pkaramol
client-go
kubernetes

1 Answer

3/25/2020

I don't think there's a way to list all dependent objects of an object automatically in the manner you're describing.

However, you could have a controller that watches your objects of interest (e.g. deployments, jobs, etc.) and updates the metadata.ownerReferencesof your secrets and configmaps with those objects that intends to use them.

While this is commonly done for GC purposes, these objects would then be "listed" when you do a kubectl describe on your secret or configmap.

metadata.ownerReferences

List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.

OwnerReference contains enough information to let you identify an owning object. An owning object must be in the same namespace as the dependent, or be cluster-scoped, so there is no namespace field.

Source

-- Daniel Nguyen
Source: StackOverflow