sparse-intern-71089
01/28/2020, 9:49 AMbroad-helmet-79436
01/28/2020, 10:15 AMkubectl apply
to apply the secret, which makes .
The “correct” way to do it seems like it would be to use kubectl create
the first time, and then kubectl replace
on subsequent updates, which does not retain a last-applied-configuration
annotation (ref https://kubernetes.io/docs/tasks/manage-kubernetes-objects/declarative-config/)
would you like to make a github issue? 😄limited-rainbow-51650
01/28/2020, 11:37 AMbroad-helmet-79436
01/28/2020, 11:38 AMlimited-rainbow-51650
01/28/2020, 11:40 AMbroad-helmet-79436
01/28/2020, 11:40 AMlimited-rainbow-51650
01/28/2020, 11:41 AMbroad-helmet-79436
01/28/2020, 11:42 AMbroad-helmet-79436
01/28/2020, 11:42 AMlimited-rainbow-51650
01/28/2020, 11:43 AMlimited-rainbow-51650
01/28/2020, 7:22 PMgorgeous-egg-16927
01/28/2020, 7:23 PMlimited-rainbow-51650
01/28/2020, 7:25 PMkubectl create secret …
and with kubectl get secret ...
I get a secret without annotation.
2. I create a secret via Pulumi. With kubectl get secret
I get a secret with the annotation.
So is Pulumi doing something different from the CLI?gorgeous-egg-16927
01/28/2020, 7:29 PMkubectl
adds the same annotation, but it might not for Secrets; I’d have to check. Pulumi’s k8s provider adds that annotation to help with client-side diffing.gorgeous-egg-16927
01/28/2020, 7:30 PMgorgeous-egg-16927
01/28/2020, 7:33 PMkubectl
doesn’t add that annotation. Wasn’t aware of that before.limited-rainbow-51650
01/28/2020, 7:38 PMgorgeous-egg-16927
01/28/2020, 7:39 PMgorgeous-egg-16927
01/28/2020, 7:40 PMgorgeous-egg-16927
01/28/2020, 8:06 PM