Thanks for the Pull Request Kevin!
There's a number of tickets to introduce some sort of support for Secrets in our backlog. Most of the tickets are quite critical and touch different areas of our CRs - User Credentials (you can specify them in raw text) or configuration. Sadly, we don't have any coherent approach to them and we probably need to agree on one before merging your Pull Request.
I was thinking about creating a type capable of using raw values (for development purposes and backwards compatibility) and a reference to a Secret. Something like this:
type SecretRefOrValue struct {
value *string
secretRef *SecretKeySelector `json:",inline" name=secretRef"`
}
The idea here is to inline the Secret Ref so that it will result in a flat structure from the CRD perspective. This way, users will have a choice - they could use a raw value or a Secret.
Then, the Operator's code could use reflections and extract values from Secrets and put it into proper fields. My point here is that we need a generic mechanism that will do this for all CRs and at all levels.
What do you think?