|
|
@@ -56,6 +56,27 @@ When working with custom resources that have complex structures, you can use `ta
|
|
|
|
|
|
The `target` field accepts dot-notation paths like `spec.database` or `spec.logging` to place the rendered template output at specific locations in the resource structure. When `target` is not specified it defaults to `Data` for backward compatibility with Secrets.
|
|
|
|
|
|
+!!! note "Using `property` when templating `data`"
|
|
|
+ The return of `data:` isn't an object on the template scope. If templated as a `string` it will fail in finding the right key. Therefore, something like this:
|
|
|
+ ```yaml
|
|
|
+ data:
|
|
|
+ - secretKey: url
|
|
|
+ remoteRef:
|
|
|
+ key: slack-alerts/myalert-dev
|
|
|
+ ```
|
|
|
+ templated as a literal:
|
|
|
+ ```yaml
|
|
|
+ {% raw %}
|
|
|
+ template:
|
|
|
+ engineVersion: v2
|
|
|
+ templateFrom:
|
|
|
+ - literal: |
|
|
|
+ api_url: {{ .url }}
|
|
|
+ target: spec.slack
|
|
|
+ {% endraw %}
|
|
|
+ ```
|
|
|
+ will not work. A property like `property: url` MUST be defined.
|
|
|
+
|
|
|
## Drift Detection
|
|
|
|
|
|
The operator automatically detects and corrects manual changes to managed custom resources. If you modify a ConfigMap or custom resource that is managed by an ExternalSecret, the operator will restore it to the desired state immediately.
|
Gergely Bräutigam