External secret management integration in Kubernetes - Time & Space Complexity

When Kubernetes integrates with external secret managers, it fetches secrets to use inside the cluster.

We want to understand how the time to fetch secrets grows as the number of secrets increases.

Analyze the time complexity of the following Kubernetes ExternalSecret resource.

apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: my-secret
spec:
  refreshInterval: 1h
  secretStoreRef:
    name: my-secret-store
    kind: SecretStore
  target:
    name: synced-secret
  data:
  - secretKey: username
    remoteRef:
      key: app/credentials
      property: username
  - secretKey: password
    remoteRef:
      key: app/credentials
      property: password

This resource fetches two secret properties from an external store and syncs them into a Kubernetes secret.

Identify the loops, recursion, array traversals that repeat.

• Primary operation: Fetching each secret property from the external secret store.
• How many times: Once per secret property listed in the data array.

Each secret property requires a separate fetch operation from the external store.

Input Size (number of secrets)	Approx. Operations (fetches)
10	10 fetches
100	100 fetches
1000	1000 fetches

Pattern observation: The number of fetch operations grows directly with the number of secrets requested.

Time Complexity: O(n)

This means the time to fetch secrets grows linearly as you add more secrets to sync.

[X] Wrong: "Fetching multiple secrets happens all at once, so time stays the same no matter how many secrets."

[OK] Correct: Each secret fetch is a separate operation, so more secrets mean more fetches and more time.

Understanding how secret fetching scales helps you design efficient Kubernetes deployments that stay responsive as they grow.

What if the external secret manager supported batch fetching multiple secrets in one request? How would the time complexity change?