Can we create DopplerSecret with multiple namespaces at a time?

Need Help
1

Hello Team,

I would like to create dopplerSecret for multiple namespaces, but seem is not possible with the given yaml file in documentation. Kubernetes Secrets Management: Doppler Operator

apiVersion: secrets.doppler.com/v1alpha1
kind: DopplerSecret
metadata:
  name: dopplersecret-test # DopplerSecret Name
  namespace: doppler-operator-system
spec:
  tokenSecret: # Kubernetes service token secret (namespace defaults to doppler-operator-system)
    name: doppler-token-secret
  managedSecret: # Kubernetes managed secret (will be created if does not exist)
    name: doppler-test-secret
    namespace: default # Should match the namespace of deployments that will use the secret

Can anyone have a solution for this?

2

Hi there!

As you’ve found, these are restricted to a single namespace. If you want them to be in multiple namespaces, then the solution would be to create one in each namespace like this:

---
apiVersion: secrets.doppler.com/v1alpha1
kind: DopplerSecret
metadata:
  name: dopplersecret-default
  namespace: doppler-operator-system
spec:
  tokenSecret:
    name: doppler-default-token-secret
  managedSecret:
    name: doppler-default-secret
    namespace: default
---
apiVersion: secrets.doppler.com/v1alpha1
kind: DopplerSecret
metadata:
  name: dopplersecret-staging
  namespace: doppler-operator-system
spec:
  tokenSecret:
    name: doppler-staging-token-secret
  managedSecret:
    name: doppler-staging-secret
    namespace: staging
---
apiVersion: secrets.doppler.com/v1alpha1
kind: DopplerSecret
metadata:
  name: dopplersecret-prod
  namespace: doppler-operator-system
spec:
  tokenSecret:
    name: doppler-prod-token-secret
  managedSecret:
    name: doppler-prod-secret
    namespace: prod

Note how each secret has a different tokenSecret. This is so you can specify distinct access tokens for each namespace. If the secrets you want spread across namespaces are all from the same project/config, then you could use the same tokenSecret for them.

Will that work for you?

Thanks,
-Joel

3

Thank you @watsonian , it worked fine. I was expecting to have some sort of yaml structure to handle in single file for DopplerSecret Type.