Currently, the service-ca-operator provides a convenient way to inject a CA certificate into a ConfigMap, but there is no straightforward method to inject it into a Secret. This limitation makes it difficult to fully automate the setup of applications that expect to consume the CA certificate from a Secret.
An example of such a component is CloudNativePG, which benefits from automated certificate management but requires the CA certificate to be available in a Secret to function properly.
Adding support for injecting the CA certificate directly into Secrets would improve integration with a wider range of Kubernetes-native applications and enable more flexible and secure automation patterns.
Currently, the
service-ca-operatorprovides a convenient way to inject a CA certificate into a ConfigMap, but there is no straightforward method to inject it into a Secret. This limitation makes it difficult to fully automate the setup of applications that expect to consume the CA certificate from a Secret.An example of such a component is CloudNativePG, which benefits from automated certificate management but requires the CA certificate to be available in a Secret to function properly.
Adding support for injecting the CA certificate directly into Secrets would improve integration with a wider range of Kubernetes-native applications and enable more flexible and secure automation patterns.