InfisicalSecret does not update already generated Secret on field change

[tiagovtristao]

Describe the bug

The InfisicalSecret doesn't seem propagate any new changes when you change the .spec.authentication.universalAuth.secretsScope.envSlug field (this could be true for other fields as well). I had to delete the generated secret and the pod using it, so that the new secrets (associated with the new envSlug) would be refetched and propagated onto the pod.

Partial resource below:

apiVersion: secrets.infisical.com/v1alpha1
kind: InfisicalSecret
metadata:
  name: foobar
spec:
  authentication:
    universalAuth:
      credentialsRef:
        secretName: infisical-universal-auth-credentials
        secretNamespace: default
      secretsScope:
        envSlug: production-k8s
        projectSlug: foobar-8-aaa
        recursive: false
        secretsPath: /website

To Reproduce

Edit the .spec.authentication.universalAuth.secretsScope.envSlug field to point to a different one.

Expected behavior

The secret generated by InfisicalSecret should be updated with the new variables, and the deployment reloaded if secrets.infisical.com/auto-reload is set.

[akhilmhdh]

CC: @DanielHougaard

[DanielHougaard]

Hi @tiagovtristao, thank you for the report. I've made an internal item for this and we'll get to it as soon as possible.

[tiagovtristao]

@akhilmhdh and @DanielHougaard, thanks for getting into it so quickly! Much appreciated :-)