2

I am trying to create a secret from a JSON value but I keep getting this error executing "secrets.yaml" at <b64enc>: wrong type for value; expected string; got map[string]interface {} when I do helm install.

secrets.yaml

apiVersion: v1
kind: Secret
metadata:
  name: cloudsql-instance-credentials
  namespace: wp-{{ .Values.name }}
  labels:
    app: wp-{{ .Values.name }}
type: Opaque
data:
  credentials.json: {{ .Values.dbCred | b64enc }}

values.yaml

dbCred: {
  'type': '',
  'project_id': '',
  'private_key_id': '',
  'private_key': '-----BEGIN PRIVATE KEY-----\n\n-----END PRIVATE KEY-----\n',
  'client_email': '',
  'client_id': '',
  'auth_uri': '',
  'token_uri': '',
  'auth_provider_x509_cert_url': '',
  'client_x509_cert_url': ''
}
Kamil Kamili
  • 1,757
  • 5
  • 24
  • 39
  • Try `toJson .Values.dbCred | b64enc`. Or you could even try putting the values in json structure in the values.yaml as yaml and letting helm convert to json for you - https://stackoverflow.com/a/53342487/9705485 – Ryan Dawson Dec 10 '18 at 11:44

4 Answers4

2

You can fix this by changing {{ .Values.dbCred | b64enc }} to {{ toJson .Values.dbCred | b64enc }}

Ryan Dawson
  • 11,832
  • 5
  • 38
  • 61
  • I tried putting that secrets.yaml and values entry into an example chart generated with `helm create` and was able to recreate the error. I then made this change and found I then don't get the error – Ryan Dawson Dec 10 '18 at 11:50
  • @O’Dane Brissett Bit confused by the question. This example discussed is a secrets.yaml – Ryan Dawson Aug 30 '20 at 12:25
  • I'm using octopus deploy to set the variable then substitute the values in my helm. However using the example above i get the error `did not find expected key` – O'Dane Brissett Aug 31 '20 at 13:43
  • @O’Dane Brissett I'd suggest trying it outside of octopus, If that works then you know it's a problem at the octopus level. If it doesn't work then I'd suggest a new question on SO or an issue on the helm repo. – Ryan Dawson Sep 01 '20 at 12:22
1

Alternatively, you can keep your credentials.json file inside chart directory, and access file inside your template

data:
  credentials.json: {{ .Files.Get "credentials.json" | b64enc }}
edbighead
  • 5,607
  • 5
  • 29
  • 35
0

use double-quote("") before and after dbCred as below

dbCred: "{
  'type': '',
  'project_id': '',
  'private_key_id': '',
  'private_key': '-----BEGIN PRIVATE KEY-----\n\n-----END PRIVATE KEY-----\n',
  'client_email': '',
  'client_id': '',
  'auth_uri': '',
  'token_uri': '',
  'auth_provider_x509_cert_url': '',
  'client_x509_cert_url': ''
}"

Other things look okay.

Abu Hanifa
  • 2,857
  • 2
  • 22
  • 38
0

You can do as follow for your configuration:

apiVersion: v1
kind: Secret
metadata:
  name: cloudsql-instance-credentials
  namespace: wp-{{ .Values.name }}
  labels:
    app: wp-{{ .Values.name }}
type: Opaque
data:
  credentials.json: |-
     {{ include (print $.Template.BasePath "/_helper_conf.tpl") . | b64enc }}

Please note that when you are trying to inject configuration into secret ( espacially large ones ) you might need to use |-

you can also use a helper like 

{{ include (print $.Template.BasePath "/_helper_conf.tpl") . | b64enc }}

Or even better, in you yaml configuration ( values.yml ) you can just write as follow:

dbCred:
  type: ''
  project_id: ''
  private_key_id: ''
  private_key: '-----BEGIN PRIVATE KEY-----\n\n-----END PRIVATE KEY-----\n'
  client_email: ''
  client_id: ''
  auth_uri: ''
  token_uri: ''
  auth_provider_x509_cert_url: ''
  client_x509_cert_url: ''

to use this sort of configuration you can check the object bellow:

apiVersion: v1
kind: Secret
metadata:
  name: cloudsql-instance-credentials
  namespace: wp-{{ .Values.name }}
  labels:
    app: wp-{{ .Values.name }}
type: Opaque
data:
  credentials.json: |-
     {{ toJson .Values.dbCred | b64enc }}

The use of this configuration is to provide an abstraction of the json provided and put it inside your values.yml

{{ toJson .Values.dbCred | b64enc }}

Note that this might be duplicated if you support multiple environments, so you might prefer to use a helper and some variables inside ( or tpl ) to avoid duplicated code

I hope this helps

hkhelil
  • 358
  • 2
  • 13