Kubernetes - SM Operator - Secret Types Customization

Hi!

I am migrating over from Hashicorp Vault for secrets management and sync to my Kubernetes Clusters, and while this has been a strong replacement, there’s a particular feature I am missing. SM Operator should be able to add the capability to modify a given’s secret type. A Kubernetes Secret has different “types” as per documentation here: Secrets | Kubernetes

This is critical to ensure all secrets needed to manage and deploy applications from kubernetes are secured, and only supporting the Opaque Type leaves gaps in our deployments where some keys are needing to be manually managed or automated in a different way, leaving us with an additional process to consider when using this product.

For example, Docker Authentication for my private registry is done using the kubernetes.io/dockerconfigjson type, and today that is not possible with the SM Operator.

There is an Open Issue on the SM Operator github repo related to this feature request: Feature: dockerconfigjson secret type · Issue #66 · bitwarden/sm-kubernetes · GitHub

Personally, I could see this being implemented at the BitwardenSecret resource definition that has an added type field in the spec.

apiVersion: k8s.bitwarden.com/v1
kind: BitwardenSecret
metadata:
  labels:
    app.kubernetes.io/name: bitwardensecret
    app.kubernetes.io/instance: bitwardensecret-sample
    app.kubernetes.io/part-of: sm-operator
    app.kubernetes.io/managed-by: kustomize
    app.kubernetes.io/created-by: sm-operator
  name: bitwardensecret-sample
spec:
  organizationId: someOrgID
  type: kubernetes.io/dockerconfigjson
  secretName: bw-sample-secret
  map:
    - bwSecretId: someSecretID
      secretKeyName: .dockerconfigjson
  authToken:
    secretName: bw-auth-token
    secretKey: token