Certificate secretName pattern differs a lot between application
The secretName for the TLS certificates varies widely, making it rather confusing to work with:
❯ grpr secretName --exclude "*oauth-client.yaml"
stackspin/flux2/apps/zulip/zulip-values-configmap.yaml:24: secretName: stackspin-zulip
stackspin/flux2/apps/nextcloud/nextcloud-values-configmap.yaml:59: secretName: stackspin-nextcloud-files
stackspin/flux2/apps/nextcloud/nextcloud-values-configmap.yaml:177: secretName: stackspin-nextcloud-office
stackspin/flux2/apps/monitoring/kube-prometheus-stack-values-configmap.yaml:38: - secretName: alertmanager-tls
stackspin/flux2/apps/monitoring/kube-prometheus-stack-values-configmap.yaml:146: - secretName: prometheus-tls
stackspin/flux2/apps/monitoring/kube-prometheus-stack-values-configmap.yaml:175: - secretName: grafana-tls
stackspin/flux2/apps/wekan/wekan-values-configmap.yaml:78: secretName: wekan
stackspin/flux2/apps/wordpress/wordpress-values-configmap.yaml:105: secretName: stackspin-wordpress
stackspin/flux2/core/base/single-sign-on/hydra-values-configmap.yaml:53: secretName: hydra-public.tls
stackspin/flux2/core/base/dashboard/dashboard-values-configmap.yaml:59: secretName: stackspin-dashboard
How should new secrets be named?
Since they are namespaced anyways, the stackspin
-prefix should't be necessary, for example.
On the other hand I do like the TLS-suffix, because it makes it easier to trace them trough the myriad of other configuration stuff.
Edited by Janek