Object Deletion

Object deletion is considered a dangerous activity which could lead into dataloss, therefore Lieutenant Operator implements a safeguard and a configuration per object what to do with external resources.

Deletion Protection

The annotation syn.tools/protected-delete controls if an object can be deleted or not. As long as this annotation holds the value true, the finalizer will block the object from being deleted.

The Operator automatically annotates objects as configured in the environment variable LIEUTENANT_DELETE_PROTECTION (see References/Configuration).

Deletion Policy

The deletion policy defines how external resources (for example Git repositories, Vault secrets) are handled when an object gets deleted.

Policy Git repo Vault secret

Archive

Archival of Git repository

Secret soft deletion

Delete

Deletion of Git repository

Secret hard deletion

Retain

Do nothing

Do nothing