Adding not encrypted data to a template does not work #1607
Description
Which component:
controller
Describe the bug
When I use plaintext keys of the sealed secret in a "template", the variable is replaced with "" instead of the real value.
In contrast, it works perfectly when I use encrypted keys as variables (as documented).
Don't know, if this really is a bug or if it was never intended to work. However, it would be nice to have this ability.
To Reproduce
Steps to reproduce the behavior:
- Create a sealed secret with encrypted and plaintext keys. Here, password is encrypted, username is plaintext. The result is the same if I put the username key in "data" instead of "stringData".
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
name: mySecret
spec:
encryptedData:
password: encrypted password
template:
stringData:
username: "myUsername"
data:
settings.xml: |-
<server>
<id>maven</id>
<username>{{ .username }}</username>
<password>{{ .password }}</password>
</server>
- Deploy the secret
- Check the resulting secret
Expected behavior
I expect the settings.xml key to contain both username and password, but the username variable is not replaced with the plaintext value. Instead it is replaced with ""
<username><no value></username>
<password>plaintext password</password>
Version of Kubernetes:
- Output of
kubectl version:
Client Version: v1.30.2
Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
Server Version: v1.26.15+4818370