reflection-allowed-namespaces question

[huziahmetovsv]

i have 2 secrets.

$ kubectl get secrets -n cert-manager-infra | grep wild
wildcard-k8s03-tls                                        kubernetes.io/tls    2      96m
wildcard-tls                                              kubernetes.io/tls    2      2d4h

wildcard-tls:

annotations:
...
  reflector.v1.k8s.emberstack.com/reflection-allowed: "true"
  reflector.v1.k8s.emberstack.com/reflection-auto-enabled: "true"
  reflector.v1.k8s.emberstack.com/reflection-auto-namespaces: .*-infra

wildcard-k8s03-tls:

annotations:
 ...
  reflector.v1.k8s.emberstack.com/reflection-allowed: "true"
  reflector.v1.k8s.emberstack.com/reflection-allowed-namespaces: cert-manager-infra
  reflector.v1.k8s.emberstack.com/reflection-auto-enabled: "true"
  reflector.v1.k8s.emberstack.com/reflection-auto-namespaces: .*-infra

But reflector creates only first on (without reflection-allowed-namespaces annotatiion)

2025-06-28 15:12:30.948 +00:00 [INF] (ES.Kubernetes.Reflector.Watchers.NamespaceWatcher) Requesting V1Namespace resources
2025-06-28 15:12:31.947 +00:00 [INF] (ES.Kubernetes.Reflector.Watchers.SecretWatcher) Requesting V1Secret resources
2025-06-28 15:12:32.693 +00:00 [INF] (ES.Kubernetes.Reflector.Watchers.ConfigMapWatcher) Requesting V1ConfigMap resources
2025-06-28 15:12:33.948 +00:00 [INF] (Microsoft.Hosting.Lifetime) Now listening on: http://[::]:8080
2025-06-28 15:12:33.948 +00:00 [INF] (Microsoft.Hosting.Lifetime) Application started. Press Ctrl+C to shut down.
2025-06-28 15:12:33.948 +00:00 [INF] (Microsoft.Hosting.Lifetime) Hosting environment: Production
2025-06-28 15:12:34.046 +00:00 [INF] (Microsoft.Hosting.Lifetime) Content root path: /app
2025-06-28 15:12:40.395 +00:00 [INF] (ES.Kubernetes.Reflector.Mirroring.SecretMirror) Auto-reflected cert-manager-infra/wildcard-k8s03-tls where permitted. Created 0 - Updated 0 - Deleted 0 - Validated 0.
2025-06-28 15:12:41.394 +00:00 [INF] (ES.Kubernetes.Reflector.Mirroring.SecretMirror) Auto-reflected cert-manager-infra/wildcard-tls where permitted. Created 0 - Updated 0 - Deleted 0 - Validated 2.

$ kubectl get secrets -A | grep wild                   
cert-manager-infra   wildcard-k8s03-tls                                        kubernetes.io/tls               2      101m
cert-manager-infra   wildcard-tls                                              kubernetes.io/tls               2      2d4h
longhorn-infra       wildcard-tls                                              kubernetes.io/tls               2      104m
test-infra           wildcard-tls                                              kubernetes.io/tls               2      103m

what am i doing wrong?

reflector: 9.1.14
kubernetes: 1.33.1

[github-actions]

Automatically marked as stale due to no recent activity. It will be closed if no further activity occurs. Thank you for your contributions.