Just a shortcut to add reflector annotations to a secret so that it reflects to a target namespace (docs: https://github.com/emberstack/kubernetes-reflector?tab=readme-ov-file#usage)

reflect_secret.sh

#!/bin/bash
# Link it like so: sudo ln -s $PWD/hack/reflect_secret.sh /usr/local/bin/kubectl-reflect
# Or just copy it in there: sudo cp $PWD/hack/reflect_secret.sh /usr/local/bin/kubectl-reflect
# example: kubectl reflect --namespace rabbitmq --target-namespace jueju --secret rabbitmq

# Function to display usage information
usage() {
    echo "Usage: kubectl reflect --namespace <origin-namespace> --target-namespace <target-namespace> --secret <secret-name>"
    exit 1
}

# Parse command line flags
while [[ "$#" -gt 0 ]]; do
    case $1 in
    --namespace)
        ORIGIN_NAMESPACE="$2"
        shift
        ;;
    --target-namespace)
        TARGET_NAMESPACE="$2"
        shift
        ;;
    --secret)
        SECRET_NAME="$2"
        shift
        ;;
    -h | --help) usage ;;
    *)
        echo "Unknown parameter passed: $1"
        usage
        ;;
    esac
    shift
done

# Check if all required arguments are provided
if [ -z "$ORIGIN_NAMESPACE" ] || [ -z "$TARGET_NAMESPACE" ] || [ -z "$SECRET_NAME" ]; then
    usage
fi

# Annotate the secret with the provided annotations
kubectl annotate secret $SECRET_NAME \
    -n $ORIGIN_NAMESPACE \
    reflector.v1.k8s.emberstack.com/reflection-allowed=true \
    reflector.v1.k8s.emberstack.com/reflection-allowed-namespaces=$TARGET_NAMESPACE \
    reflector.v1.k8s.emberstack.com/reflection-auto-enabled=true \
    reflector.v1.k8s.emberstack.com/reflection-auto-namespaces=$TARGET_NAMESPACE

echo "Secret '$SECRET_NAME' in namespace '$ORIGIN_NAMESPACE' has been annotated successfully for reflection to '$TARGET_NAMESPACE'."