From: stephan48 Date: Thu, 20 Apr 2023 21:26:59 +0000 (+0200) Subject: (no commit message) X-Git-Url: https://blog.stejau.de/gitweb/gitweb.cgi?a=commitdiff_plain;h=843e33d868ffbec62743333b9bef0c1c90ee86b7;p=stejau-blog.git --- diff --git a/posts/2023-04-20-fluxcd2-kustomization-delegation-caveats.mdwn b/posts/2023-04-20-fluxcd2-kustomization-delegation-caveats.mdwn index db7856f..df94c19 100644 --- a/posts/2023-04-20-fluxcd2-kustomization-delegation-caveats.mdwn +++ b/posts/2023-04-20-fluxcd2-kustomization-delegation-caveats.mdwn @@ -1,6 +1,6 @@ Hi, -when you use fluxcd2 to allow teams/apps to be seperated into namesapces and wanna use PLOP/limit to the target namespace, be carefull with the following: +when you use fluxcd2 to allow teams/apps to be seperated into namesapces and wanna use Principle of least Privilege/limit to the target namespace, be carefull with the following: * Errors around secrets are masked as "error: data values must be of type string" as per (this discussion)[https://github.com/fluxcd/flux2/discussions/2355] - disable/remove them for testing, otherwhise you can't debug, this is a gross UX issue.