Questions tagged [kubernetes-secrets]

415 questions
176
votes
9 answers

How can I update a secret on Kubernetes when it is generated from a file?

I've created a secret using kubectl create secret generic production-tls \ --from-file=./tls.key \ --from-file=./tls.crt If I'd like to update the values - how can I do this?
Chris Stryczynski
  • 30,145
  • 48
  • 175
  • 286
90
votes
15 answers

Kubernetes: modify a secret using kubectl?

How can I modify the values in a Kubernetes secret using kubectl? I created the secret with kubernetes create secret generic, but there does not seem to be a way to modify a secret. For example, to add a new secret-value to it, or to change a…
gabor
  • 1,561
  • 2
  • 12
  • 13
74
votes
8 answers

Can't create Secret in Kubernetes: illegal base64 data at input

I want to create a secret for my kubernetes cluster. So I composed following dummy-secret.yaml file: apiVersion: v1 kind: Secret metadata: name: dummy-secret type: Opaque data: API_KEY: bWVnYV9zZWNyZXRfa2V5 API_SECRET:…
Alex Fruzenshtein
  • 2,846
  • 6
  • 32
  • 53
55
votes
6 answers

How to set secret files to kubernetes secrets by yaml?

I want to store files in Kubernetes Secrets but I haven't found how to do it using a yaml file. I've been able to make it using the cli with kubectl: kubectl create secret generic some-secret --from-file=secret1.txt=secrets/secret1.txt But when I…
dgil
  • 2,318
  • 2
  • 23
  • 39
46
votes
4 answers

How to mount multiple files / secrets into common directory in kubernetes?

I've multiple secrets created from different files. I'd like to store all of them in common directory /var/secrets/. Unfortunately, I'm unable to do that because kubernetes throws 'Invalid value: "/var/secret": must be unique error during pod…
Lukasz Dynowski
  • 11,169
  • 9
  • 81
  • 124
35
votes
5 answers

Create kubernetes docker-registry secret from yaml file?

I can run this command to create a docker registry secret for a kubernetes cluster: kubectl create secret docker-registry regsecret \ --docker-server=docker.example.com \ --docker-username=kube \ --docker-password=PW_STRING…
Rotareti
  • 49,483
  • 23
  • 112
  • 108
29
votes
4 answers

Import data to config map from kubernetes secret

I'm using a kubernetes ConfigMap that contains database configurations for an app and there is a secret that has the database password. I need to use this secret in the ConfigMap so when I try to add environment variable in the ConfigMap and specify…
yara mohamed
  • 371
  • 1
  • 7
  • 12
24
votes
3 answers

What is the point of Kubernetes secrets if I can decode them?

I can easily get the secrets stored in Kubernetes. $ kubectl get secret my-app-secrets -o yaml Select secret value from output that I want to decode. Example ZXhwb3NlZC1wYXNzd29yZAo= $ echo ZXhwb3NlZC1wYXNzd29yZAo= | base64 --decode >…
alex
  • 1,905
  • 26
  • 51
24
votes
6 answers

Kubernetes Secrets Volumes vs Environment Variables

Is there a recommended way to use Kubernetes Secrets? They can be exposed as environment variables or using a volume mount. Is one more secure than the other?
22
votes
3 answers

Extra secrets created when helm is used

I created a helm chart which has secrets.yaml as: apiVersion: v1 kind: Secret type: Opaque metadata: name: appdbpassword stringData: password: password@1 My pod is: apiVersion: v1 kind: Pod metadata: name: expense-pod-sample-1 spec: …
Bhargav Behara
  • 285
  • 1
  • 4
  • 10
22
votes
3 answers

Insert multiline json string into helm template for base64 encoding

I am trying to insert multiline json string into helm template for base64 encoding required for Kubernetes secret. Goals: helm value is injected into json string multi-line json string must be base64 encoded using b64enc myfile1.json does not work…
Steve
  • 863
  • 3
  • 9
  • 21
20
votes
3 answers

How to reference kubernetes secrets in helm chart?

I want to make some deployments in kubernetes using helm charts. Here is a sample override-values yaml that I use: imageRepository: "" ocbb: imagePullPolicy: IfNotPresent TZ: UTC logDir: /oms_logs tnsAdmin: /oms/ora_k8 …
Tians
  • 443
  • 1
  • 5
  • 14
20
votes
1 answer

Is there a way to put Kubernetes secret value in args field of yaml file

I have a kubernetes yaml deployment file which accepts db username and password as arguments as shown below. args: - "-db_host=postgres" - "-db_port=5432" - "-db_username=postgres" - "-db_password=postgres" To hide…
Tinkaal Gogoi
  • 4,344
  • 4
  • 27
  • 36
19
votes
2 answers

Changing default file owner and group owner of kubernetes secrets files mounted on projected volumes

I am new to K8S. I have a yaml file which generates kubernetes secrets mounted on projected volumes. Upon execution, I found that the secret files (packaged with secrets) are showing "root" as file owner and group owner. I want to change the file…
user_2011
  • 241
  • 1
  • 3
  • 10
18
votes
2 answers

How do I mount a single file from a secret in Kubernetes?

How can I mount a 'single' file from a secret? I've created a secret with: kubectl create secret generic oauth \ --from-file=./.work-in-progress/oauth_private.key \ --from-file=./.work-in-progress/oauth_public.key \ How can I mount…
Chris Stryczynski
  • 30,145
  • 48
  • 175
  • 286
1
2 3
27 28