Change Detection

(Since 1.6.0)

To react on Secret Changes there is a Change Adjustment Callback that can be defined. If such Callback is defined a new rollout of a Deployment gets triggered when the secret is changed by Vault-CRD. This will then inject the new secret value and a reload of the secret can be enforced (e.g. start of new application context lookup in Spring Boot).

All secret types support this Change Adjustment via the following yaml snippet:

apiVersion: "koudingspawn.de/v1"
kind: Vault
metadata:
  [...]
spec:
  [...]
  changeAdjustmentCallback:
    type: deployment
    name: nginx

In this case the deployment nginx (same namespace as Vault resource) gets restarted when the secret was modified.

Last updated