Skip to content

Be clear about secretName restrictions #8782

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Aug 13, 2025
Merged

Be clear about secretName restrictions #8782

merged 5 commits into from
Aug 13, 2025

Conversation

pebrc
Copy link
Collaborator

@pebrc pebrc commented Aug 1, 2025
edited
Loading

Be more explicit about the limitations of external associations. We have reports from users being confused about the availablity of the feature.

Screenshot 2025-08-06 at 11 42 04

@botelastic botelastic bot added the triage label Aug 1, 2025
@pebrc pebrc added the >docs Documentation label Aug 1, 2025
@botelastic botelastic bot removed the triage label Aug 1, 2025
@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 1, 2025
edited
Loading

🔍 Preview links for changed docs

@pebrc pebrc marked this pull request as ready for review August 1, 2025 13:54
@prodsecmachine
Copy link
Collaborator

prodsecmachine commented Aug 1, 2025
edited
Loading

🎉 Snyk checks have passed. No issues have been found so far.

security/snyk check is complete. No issues have been found. (View Details)

license/snyk check is complete. No issues have been found. (View Details)

barkbay
barkbay reviewed Aug 4, 2025
View reviewed changes
pkg/apis/common/v1/common.go Outdated
@@ -115,7 +115,9 @@ type ObjectSelector struct {
ServiceName string `json:"serviceName,omitempty"`

// SecretName is the name of an existing Kubernetes secret that contains connection information for associating an
// Elastic resource not managed by the operator. The referenced secret must contain the following:
// Elastic resource not managed by the operator.
// SecretName is only supported for monitoring associations. Refer to https://www.elastic.co/docs/deploy-manage/monitor/stack-monitoring/eck-stack-monitoring#k8s_connect_to_an_external_monitoring_elasticsearch_cluster
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Isn't the link to the stack monitoring documentation a bit "restrictive"? We can use secretName to setup Fleet's Elasticsearch output for example. I was wondering if we should not document or validate any limitation on the parent attribute, for example on FleetServerRef.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's a good point. I think I overshot the target a bit after the issues our users had with this.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated.

barkbay
barkbay approved these changes Aug 6, 2025
View reviewed changes
Copy link
Contributor

@barkbay barkbay left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@pebrc pebrc enabled auto-merge (squash) August 11, 2025 10:08
@pebrc pebrc merged commit 7cdafbf into elastic:main Aug 13, 2025
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@barkbay barkbay barkbay approved these changes

Assignees
No one assigned
Labels
>docs Documentation
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@pebrc @prodsecmachine @barkbay