英文:
Access sealed secret from deployment.yaml in helm chart
问题
I'm trying to use a helm chart to deploy my secrets as sealed secret, I have created a template for the sealed secret
apiVersion: bitnami.com/v1alpha1kind: SealedSecretmetadata:name: {{ include "api.fullname" . }}namespace: apispec:template:metadata:name: {{ include "api.fullname" . }}encryptedData:{{- range $key, $val := .Values.encryptedData }}{{ $key }}: {{ $val }}{{- end }}
and in my deployment I'm setting the secret values as env variables
env:{{- range $key, $val := .Values.encryptedData }}- name: {{ $key }}valueFrom:secretKeyRef:name: {{ include "sealedsecret.bitnami.com/api.fullname" $ }}key: {{ $key }}{{- end }}
The problem is when I install the chart the sealed secret file is in sealedsecret.bitnami.com/api
how can reference that in the include part of the secretKeyRef
The error I'm getting when installing the chart
Error: template: joe-api/templates/deployment.yaml:42:25: executing "api/templates/deployment.yaml" at <include "sealedsecret.bitnami.com/api.fullname" $>: error calling include: template: no template "sealedsecret.bitnami.com/api.fullname" associated with template "gotpl"any help would be appreciated
英文:
I'm trying to use a helm chart to deploy my secrets as sealed secret, I have created a template for the sealed secret
apiVersion: bitnami.com/v1alpha1kind: SealedSecretmetadata:name: {{ include "api.fullname" . }}namespace: apispec:template:metadata:name: {{ include "api.fullname" . }}encryptedData:{{- range $key, $val := .Values.encryptedData }}{{ $key }}: {{ $val }}{{- end }}
and in my deployment I'm setting the secret values as env variables
env:{{- range $key, $val := .Values.encryptedData }}- name: {{ $key }}valueFrom:secretKeyRef:name: {{ include "sealedsecret.bitnami.com/api.fullname" $ }}key: {{ $key }}{{- end }}
The problem is when I install the chart the sealed secret file is in sealedsecret.bitnami.com/api
how can reference that in the include part of the secretKeyRef
The error I'm getting when installing the chart
Error: template: joe-api/templates/deployment.yaml:42:25: executing "api/templates/deployment.yaml" at <include "sealedsecret.bitnami.com/api.fullname" $>: error calling include: template: no template "sealedsecret.bitnami.com/api.fullname" associated with template "gotpl"
any help would be appreciated
答案1
得分: 0
SealedSecret 在您的集群中创建与其名称相同的 Secret,请参阅 https://github.com/bitnami-labs/sealed-secrets#overview
您的 SealedSecret 名称来自图表 fullname 模板 - {{ include "api.fullname" . }},但在部署中,您包含了未定义的模板,名称为 sealedsecret.bitnami.com/api.fullname(如果需要,您可以在 templates/_helpers.tpl 文件中查看可用的模板)
因此,下面的片段应该有效:
env:{{- range $key, $val := .Values.encryptedData }}- name: {{ $key }}valueFrom:secretKeyRef:name: {{ include "api.fullname" $ }}key: {{ $key }}{{- end }}
英文:
SealedSecret creates Secret in your cluster with the same name as itself, see https://github.com/bitnami-labs/sealed-secrets#overview
Your SealedSecret name comes from chart fullname template - {{ include "api.fullname" . }}, but in deployment you are including undefined template, named sealedsecret.bitnami.com/api.fullname (you can check available templates in templates/_helpers.tpl file if you want)
So the snippet below should work:
env:{{- range $key, $val := .Values.encryptedData }}- name: {{ $key }}valueFrom:secretKeyRef:name: {{ include "api.fullname" $ }}key: {{ $key }}{{- end }}
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论