VSO Secrets in all namespaces with a single secret-id secret

Hi,

I’m using the VSO Helm chart inside Kubernetes.

I am wondering if it possible to create secrets in all namespaces without having to create an appRole “secret-id” secret in every single namespace?

I know the helm chart says:
The Kubernetes Secret must contain a key named id which references the AppRole Role’s SecretID, and must exist in the namespace of any consuming VaultSecret CR.

But I would prefer to not do this if that’s possible.

For reference, when I try to create a secret in the default namespace when the VaultAuth, VaultConnection and secret-id secret all live in the vault namespace, this error pops up:

2023-11-22T23:17:58Z ERROR Reconciler error {"controller": "vaultstaticsecret", "controllerGroup": "secrets.hashicorp.com", "controllerKind": "VaultStaticSecret", "VaultStaticSecret": {"name":"test-secret","namespace":"default"}, "namespace": "default", "name": "test-secret", "reconcileID": "804f36a4-949f-44c9-94e3-6b17b56c248f", "error": "Secret \"secret-id\" not found"}

These are the relevant values I’m using for the hashicorp/vault-secrets-operator helm chart:

defaultVaultConnection:
  enabled: true
  address: "http://vault.vault.svc.cluster.local:8200"

defaultAuthMethod:
  enabled: true
  namespace: "vault"
  method: appRole
  mount: approle
  appRole:
    roleId: "approle-role-id-ABC123"
    secretRef: "vault/secret-id"

And this is what the secret looks like:

apiVersion: v1
data:
  id: base64secret-id-ABC123
kind: Secret
metadata:
  name: secret-id
  namespace: vault
type: Opaque

Thanks in advance.