capiono
Reputation: 2997
How to set kubernetes secrets to json object
I'm currently building an API for Firebase Admin SDK and I want to store the Admin SDK credential file as a secret in Kubernetes.
This is an example from google on how to use the credential file:
var admin = require("firebase-admin");
var serviceAccount = require("path/to/serviceAccountKey.json");
admin.initializeApp({
credential: admin.credential.cert(serviceAccount),
databaseURL: "https://test.firebaseio.com"
});
the credentials are in serviceAccountKey.json.
this is what the content of the file looks like:
{
"type": "service_account",
"project_id": "test",
"private_key_id": "3455dj555599993n5d425j878999339393po6",
"private_key": "-----BEGIN PRIVATE KEY-----\lkjsfdjlsjfsjflksjfklsjkljklfsjfksjkdjskljflk;sjflskjfklsjdljhijshdkjfhsjfhjsb2223b3==\n-----END PRIVATE KEY-----\n",
"client_email": "[email protected]",
"client_id": "123334444555556665478884",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk%40test.iam.gserviceaccount.com"
}
I already have this file I use for my other secrets:
apiVersion: v1
kind: Secret
metadata:
name: paisecret
type: Opaque
stringData:
MONGODB_PASSWORD: "sjldkjsjdfklsl"
MONGODB_USERNAME: "prod_user"
MONGODB_HOST: "test.azure.mongodb.net"
I'll like to add serviceAccountKey.json or its content to the secret file above and if possible I'll like to access it within the API like this: process.env.FIREBASE_ADMIN
Upvotes: 1
Views: 904
Answers (1)
Karl
Reputation: 5822
If the question is just how to include it as a string in the Secret, you could simply add it as a multiline string.
apiVersion: v1
kind: Secret
metadata:
name: paisecret
type: Opaque
stringData:
MONGODB_PASSWORD: "sjldkjsjdfklsl"
MONGODB_USERNAME: "prod_user"
MONGODB_HOST: "test.azure.mongodb.net"
FIREBASE_ADMIN: >
{
"type": "service_account",
"project_id": "test",
"private_key_id": "3455dj555599993n5d425j878999339393po6",
"private_key": "-----BEGIN PRIVATE KEY-----\lkjsfdjlsjfsjflksjfklsjkljklfsjfksjkdjskljflk;sjflskjfklsjdljhijshdkjfhsjfhjsb2223b3==\n-----END PRIVATE KEY-----\n",
"client_email": "[email protected]",
"client_id": "123334444555556665478884",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk%40test.iam.gserviceaccount.com"
}
Upvotes: 3
Related Questions
- How to use kubernetes secrets in nodejs application?
- How to create kubernetes secret using json file content and stringData field
- NodeJs throwing undefined error while reading the secret value from kubernetes yaml file
- Add a service_account.json to kubectl secrets
- Kubernetes create secret from json
- Create kubernetes secret from .json file
- use k8s secret from nodejs application
- How to create kubernetes secret as json object and load the same in kubernetes environment as json
- Kubernetes storing key-value pair in Secret.yml
- Nodejs firebase-admin authenticate with application default credentials in Google Kubernetes engine