1

I am trying to set environment variables to kubernetes deployment in following way.

env:
   - name: username
     value: $(cat /vault/secrets/config.txt | awk  ' NR == 2')

For the environment variable value, I am trying to read the first line of a file. But, in application initialization, the environment variable is set as just the text value denoted above without evaluating the cat expression. How to set the environment variable in this scenario properly?. Thank you.

Nirmal Gamage
  • 157
  • 1
  • 15
  • 2
    Configure a configmap having the file as content (kubectl create cm —from-file ..) and Import its value into your env variable. See also: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#define-container-environment-variables-using-configmap-data – Aydin K. Dec 31 '21 at 12:36
  • Thanks. Here, I want to read the file at deployment stage. The file specified with above path is in pod's storage. Is it possible with a configmap?. – Nirmal Gamage Jan 02 '22 at 14:45
  • What do mean by pod storage? Was it baked into the containers image (e.g. dockerfile) which is bad practice from security point of view in case it’s a secret or is it stored in a mounted Kubernetes volume? Can you post the pod or deployment definition yaml? – Aydin K. Jan 02 '22 at 18:57
  • I am using a Hashicorp vault ( a secret store tool) with kubernetes. At the pod initialization stage, a hashicorp vault sidecar container is created within the pod. this sidecar pulls the required secret credentials from main hashicorp vault pod to this application pod. These secrets are stored as a file in the pod storage. What I want is to get these secrets as env variables at startup. – Nirmal Gamage Jan 03 '22 at 04:00
  • [Here is similar question](https://stackoverflow.com/questions/49571749/create-environment-variables-for-kubernetes-main-container-in-kubernetes-init-co). Did any of that suggestions help you? – kkopczak Jan 03 '22 at 13:12
  • Hi @WytrzymałyWiktor & kkopczak, Couldn't find a working solution yet – Nirmal Gamage Jan 15 '22 at 16:03
  • Did you try any of provided solutions? – kkopczak Jan 18 '22 at 22:43

1 Answers1

0

Best way to achieve your goal is described in Vault documentation: https://www.vaultproject.io/docs/platform/k8s/injector/examples#environment-variable-example

Vasili Angapov
  • 8,061
  • 15
  • 31