Tinkaal Gogoi
Reputation: 4888
Is there a way to put Kubernetes secret value in args field of yaml file
I have a kubernetes yaml deployment file which accepts db username and password as arguments as shown below.
args:
- "-db_host=postgres"
- "-db_port=5432"
- "-db_username=postgres"
- "-db_password=postgres"
To hide the values of db_username and db_password I thought of using kubernetes secret kind. But to achieve that I have to make db_username and db_password as environment variables so that I can use it something like as shown below:
args:
- "-db_host=postgres"
- "-db_port=5432"
env:
- name: db_username
valueFrom:
secretKeyRef:
name: db-secret
key: db-user
- name: db_password
valueFrom:
secretKeyRef:
name: db-secret
key: db-pass
Is there any way we can use secret in args itself so that I don't have to do the 2nd approach.
Upvotes: 23
Views: 10548
Answers (1)
Erez Rabih
Reputation: 15788
Once you have an environment variable you can embed its value into the arguments:
env:
- name: MESSAGE
value: "hello world"
command: ["/bin/echo"]
args: ["$(MESSAGE)"]
Or in your case:
args:
- "-db_host=postgres"
- "-db_port=5432"
- "-db_username=$(db_username)"
- "-db_password=$(db_password)"
env:
- name: db_username
valueFrom:
secretKeyRef:
name: db-secret
key: db-user
- name: db_password
valueFrom:
secretKeyRef:
name: db-secret
key: db-pass
The reference can be found here
Upvotes: 45
Related Questions
- Set environment variable in kubernetes secret
- How to set secret files to kubernetes secrets by yaml?
- How to specify yaml file to use secret as intended?
- How to inject kubernetes secret into configuration file
- pass default.yaml secret env's to deployment
- How to create a secret file in kubernetes
- Specify a secret in YML WITH a namespace
- pass boolean variable as env, secret or configmap in k8s yaml file
- How to set secret data to kubernetes secrets by yaml?
- Kubernetes storing key-value pair in Secret.yml