Questions tagged [kubernetes-secrets]
415 questions
176
votes
9 answers
How can I update a secret on Kubernetes when it is generated from a file?
I've created a secret using
kubectl create secret generic production-tls \
--from-file=./tls.key \
--from-file=./tls.crt
If I'd like to update the values - how can I do this?

Chris Stryczynski
- 30,145
- 48
- 175
- 286
90
votes
15 answers
Kubernetes: modify a secret using kubectl?
How can I modify the values in a Kubernetes secret using kubectl?
I created the secret with kubernetes create secret generic, but there does not seem to be a way to modify a secret. For example, to add a new secret-value to it, or to change a…

gabor
- 1,561
- 2
- 12
- 13
74
votes
8 answers
Can't create Secret in Kubernetes: illegal base64 data at input
I want to create a secret for my kubernetes cluster. So I composed following dummy-secret.yaml file:
apiVersion: v1
kind: Secret
metadata:
name: dummy-secret
type: Opaque
data:
API_KEY: bWVnYV9zZWNyZXRfa2V5
API_SECRET:…

Alex Fruzenshtein
- 2,846
- 6
- 32
- 53
55
votes
6 answers
How to set secret files to kubernetes secrets by yaml?
I want to store files in Kubernetes Secrets but I haven't found how to do it using a yaml file.
I've been able to make it using the cli with kubectl:
kubectl create secret generic some-secret --from-file=secret1.txt=secrets/secret1.txt
But when I…

dgil
- 2,318
- 2
- 23
- 39
46
votes
4 answers
How to mount multiple files / secrets into common directory in kubernetes?
I've multiple secrets created from different files. I'd like to store all of them in common directory /var/secrets/. Unfortunately, I'm unable to do that because kubernetes throws 'Invalid value: "/var/secret": must be unique error during pod…

Lukasz Dynowski
- 11,169
- 9
- 81
- 124
35
votes
5 answers
Create kubernetes docker-registry secret from yaml file?
I can run this command to create a docker registry secret for a kubernetes cluster:
kubectl create secret docker-registry regsecret \
--docker-server=docker.example.com \
--docker-username=kube \
--docker-password=PW_STRING…

Rotareti
- 49,483
- 23
- 112
- 108
29
votes
4 answers
Import data to config map from kubernetes secret
I'm using a kubernetes ConfigMap that contains database configurations for an app and there is a secret that has the database password.
I need to use this secret in the ConfigMap so when I try to add environment variable in the ConfigMap and specify…

yara mohamed
- 371
- 1
- 7
- 12
24
votes
3 answers
What is the point of Kubernetes secrets if I can decode them?
I can easily get the secrets stored in Kubernetes.
$ kubectl get secret my-app-secrets -o yaml
Select secret value from output that I want to decode.
Example ZXhwb3NlZC1wYXNzd29yZAo=
$ echo ZXhwb3NlZC1wYXNzd29yZAo= | base64 --decode
>…

alex
- 1,905
- 26
- 51
24
votes
6 answers
Kubernetes Secrets Volumes vs Environment Variables
Is there a recommended way to use Kubernetes Secrets? They can be exposed as environment variables or using a volume mount. Is one more secure than the other?

Muhammad Rehan Saeed
- 35,627
- 39
- 202
- 311
22
votes
3 answers
Extra secrets created when helm is used
I created a helm chart which has secrets.yaml as:
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: appdbpassword
stringData:
password: password@1
My pod is:
apiVersion: v1
kind: Pod
metadata:
name: expense-pod-sample-1
spec:
…

Bhargav Behara
- 285
- 1
- 4
- 10
22
votes
3 answers
Insert multiline json string into helm template for base64 encoding
I am trying to insert multiline json string into helm template for base64 encoding required for Kubernetes secret.
Goals:
helm value is injected into json string
multi-line json string must be base64 encoded using b64enc
myfile1.json does not work…

Steve
- 863
- 3
- 9
- 21
20
votes
3 answers
How to reference kubernetes secrets in helm chart?
I want to make some deployments in kubernetes using helm charts. Here is a sample override-values yaml that I use:
imageRepository: ""
ocbb:
imagePullPolicy: IfNotPresent
TZ: UTC
logDir: /oms_logs
tnsAdmin: /oms/ora_k8
…

Tians
- 443
- 1
- 5
- 14
20
votes
1 answer
Is there a way to put Kubernetes secret value in args field of yaml file
I have a kubernetes yaml deployment file which accepts db username and password as arguments as shown below.
args:
- "-db_host=postgres"
- "-db_port=5432"
- "-db_username=postgres"
- "-db_password=postgres"
To hide…

Tinkaal Gogoi
- 4,344
- 4
- 27
- 36
19
votes
2 answers
Changing default file owner and group owner of kubernetes secrets files mounted on projected volumes
I am new to K8S. I have a yaml file which generates kubernetes secrets mounted on projected volumes. Upon execution, I found that the secret files (packaged with secrets) are showing "root" as file owner and group owner. I want to change the file…

user_2011
- 241
- 1
- 3
- 10
18
votes
2 answers
How do I mount a single file from a secret in Kubernetes?
How can I mount a 'single' file from a secret?
I've created a secret with:
kubectl create secret generic oauth \
--from-file=./.work-in-progress/oauth_private.key \
--from-file=./.work-in-progress/oauth_public.key \
How can I mount…

Chris Stryczynski
- 30,145
- 48
- 175
- 286