From d83161e422007d2f4e6feb0a9696721a4392138e Mon Sep 17 00:00:00 2001
From: Thomas Piccirello
Date: Thu, 27 May 2021 16:04:12 -0700
Subject: [PATCH 1/2] Use tini to ensure container exits on SIGTERM
---
 README.md | 2 +-
 example/deployment.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index fbe8665..83ebf6f 100644
--- a/README.md
+++ b/README.md
@@ -66,7 +66,7 @@ spec:
 containers:
 - name: doppler-secrets
 image: alpine
- command: ['/bin/sh', '-c', 'printenv && sleep 3600'] # Test by printing env var names
+ command: ['/bin/sh', '-c', 'apk add --no-cache tini > /dev/null 2>&1 && printenv | grep -v KUBERNETES_ && tini -s tail -f /dev/null'] # Test by printing env var names
 envFrom: # Only envFrom is currently supported for auto-reloads
 - secretRef:
 name: app-secret # Should match DopplerSecret.spec.secretName
diff --git a/example/deployment.yml b/example/deployment.yml
index baabceb..4ca7bc8 100644
--- a/example/deployment.yml
+++ b/example/deployment.yml
@@ -17,7 +17,7 @@ spec:
 containers:
 - name: doppler-secrets
 image: alpine
- command: ['/bin/sh', '-c', 'printenv && sleep 3600'] # Test by printing env var names
+ command: ['/bin/sh', '-c', 'apk add --no-cache tini > /dev/null 2>&1 && printenv | grep -v KUBERNETES_ && tini -s tail -f /dev/null'] # Test by printing env var names
 imagePullPolicy: Always
 envFrom:
 - secretRef:
From 7f49a97c5a759024bb49c19f5d2e01b8e671e4aa Mon Sep 17 00:00:00 2001
From: Thomas Piccirello
Date: Thu, 27 May 2021 16:05:38 -0700
Subject: [PATCH 2/2] Add 'list' permission to deployments
---
 doppler-crd-controller.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/doppler-crd-controller.yml b/doppler-crd-controller.yml
index 4d3d084..5aaae15 100644
--- a/doppler-crd-controller.yml
+++ b/doppler-crd-controller.yml
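Review bot: In example/deployment.yml the new `command` still pipes plain `printenv`, which writes every variable's value and not just its name, so the secrets loaded through `envFrom` land in the pod log for anyone who can read it, while the trailing comment says "env var names". Printing names only would match the comment, for example `awk "BEGIN{for(k in ENVIRON) print k}" | grep -v KUBERNETES_` in place of `printenv | grep -v KUBERNETES_`. The same line installs tini with `apk add` at every start on an untagged `alpine` image and discards the output, so a failed install leaves the container exiting with nothing in the log; an image that already ships tini, referenced by tag or digest, would avoid the start-up download. The README.md hunk carries the identical command.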
@@ -48,7 +48,7 @@ rules:
 verbs: ['get', 'create', 'update', 'delete']
 - apiGroups: ['apps']
 resources: ['deployments']
- verbs: ['patch']
+ verbs: ['list', 'patch']
 - apiGroups: ['']
 resources: ['namespaces']
 verbs: ['get', 'watch', 'list']
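Review bot: The `deployments` rule now grants `list` next to `patch` with nothing in the file saying why, and both verbs apply to every Deployment in whatever scope this role is bound to. A comment above the rule would help the next access review, for example `# list: find Deployments that reference a managed secret; patch: restart them on change` (wording to be confirmed against the controller code, which is not on this page). The hunk does not show whether this is a Role or a ClusterRole; if it is cluster-wide, `patch` on all Deployments lets the controller rewrite any pod template, so it is worth stating whether the binding can be narrowed to the namespaces it manages. The rule list starts and ends outside the hunk.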