[BUG] Updating spec.vault.object.name doesn't result in updating an existing target secret #607

Open
joyrex2001 opened this issue Sep 18, 2023 · 1 comment
Labels
bug Something isn't working

@joyrex2001

Components and versions

[X] Controller, version: 1.5.0 (docker image tag)
[ ] Env-Injector (webhook), version: x.x.x (docker image tag)
[ ] Other

Describe the bug
Updating the AzureKeyVaultSecret by changing spec.vault.object.name doesn't result in updating an existing target secret.

To Reproduce
Steps to reproduce the behavior:

Consider the following AzureKeyVaultSecret:

apiVersion: spv.no/v1
kind: AzureKeyVaultSecret
metadata:
  name: my-secret 
spec:
  output:
    secret:
      name: my-secret 
      dataKey: itsasecret
  vault:
    name: my-keyvault-dev
    object:
      name: version-de-secret
      type: secret

After applying the secret, a k8s secret my-secret will appear.

When patching the spec.vault.object.name with a different name, the target secret is not updated with the new values.

Patch command: kubectl patch akvs my-secret --type merge -p '{"spec":{"vault":{"object":{"name":"version-de-secret"}}}}'.

Expected behavior

When patching the spec.vault.object.name with a different name, the target secret should contain the values of the newly targeted keyvault secret.

Additional context
It looks like the md5 doesn't take spec.vault.object.name into account, making it seem the AzureKeyVaultSecret is not changed and nothing needs to be done.

@joyrex2001 joyrex2001 added the bug Something isn't working label Sep 18, 2023
@181192
Collaborator

181192 commented Oct 1, 2023

Hi @joyrex2001, good observation. Yes, the hashing logic only takes the secrets related to one akvs resource. Need to look into how to handle this; multiple akvs resources can also write to the same k8s secret.
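
An added illustration of the failure mode discussed in this thread (not the project's code and not written by either commenter): a change-detection fingerprint that leaves out the source reference cannot see a change to spec.vault.object.name. The types, function names and the second object name are hypothetical, SHA-256 is used in place of MD5, and the per-owner map is one assumed way to handle several resources writing to the same target secret.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// SourceRef and Output are hypothetical stand-ins for the spec.vault and
// spec.output.secret fields shown in the issue; they are not project types.
type SourceRef struct{ Vault, Object, Type string }
type Output struct{ Secret, DataKey string }

// fingerprint hashes length-prefixed fields, so ("ab","c") and ("a","bc")
// cannot produce the same digest through plain concatenation.
func fingerprint(fields ...string) string {
	h := sha256.New()
	for _, f := range fields {
		fmt.Fprintf(h, "%d:%s|", len(f), f)
	}
	return hex.EncodeToString(h.Sum(nil))
}

// OutputOnly models the reported symptom: the source reference is not hashed.
func OutputOnly(_ SourceRef, o Output) string {
	return fingerprint(o.Secret, o.DataKey)
}

// WithSource also covers which Key Vault object the data comes from.
func WithSource(s SourceRef, o Output) string {
	return fingerprint(s.Vault, s.Object, s.Type, o.Secret, o.DataKey)
}

// NeedsSync keeps one fingerprint per owning resource, so several resources
// writing to the same target secret do not mask each other's changes.
func NeedsSync(seen map[string]string, owner, fp string) bool {
	if seen[owner] == fp {
		return false
	}
	seen[owner] = fp
	return true
}

func main() {
	out := Output{"my-secret", "itsasecret"}
	before := SourceRef{"my-keyvault-dev", "version-de-secret", "secret"}
	after := SourceRef{"my-keyvault-dev", "another-object", "secret"} // constructed name
	fmt.Println("output-only detects change:", OutputOnly(before, out) != OutputOnly(after, out))
	fmt.Println("with-source detects change:", WithSource(before, out) != WithSource(after, out))
}
```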
