1

I have the following yaml file creates a Kubernetes secret for mysql database.

apiVersion: v1
kind: Secret
metadata:
  name: mysql-secret
  key: MYSQL_KEY
type: Opaque
data:  
  mysql-root-password: 11111
  mysql-user: a
  mysql-password: 11111

But when I try to deploy it I get the following error:

 - Error from server (BadRequest): error when creating "STDIN": Secret in version "v1" cannot be handled as a Secret: json: cannot unmarshal number into Go struct field Secret.data of type []uint8

What is the problem and how can I fix it?

EDIT: The reason why do I added key: MY_SQL field is because previously I could deploy mysql on Kubernetes cluster using the secret ke created by this command:

kubectl create secret generic mysql-secret --from-literal MYSQL_KEY=11111

And I wanted to produce the exact same output. I also need a MY_SQL key to be able to connect to this pod from inside another pods like auth pod that you can see it's deployment file below:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: auth-depl
spec:
  replicas: 1
  selector:
    matchLabels:
      app: auth
  template:
    metadata:
      labels:
        app: auth
    spec:
      containers:
        - name: auth
          image: auth
          env:
            - name: MYSQL_URI
              value: 'mysql://auth-mysql-srv:3306/users_auth'
            - name: MYSQL_ROOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mysql-secret
                  key: MYSQL_KEY
best_of_man
  • 643
  • 2
  • 15
  • is your data section only an example or are you really passing them as they are? [ mysql-root-password: 11111 ad etc.. ] and currently they are also numbers. This is something to focus : "json: cannot unmarshal number into Go struct field Secret.data" Moreover in data, you can only pass base64 encoded string values. – ishuar Jan 15 '23 at 23:44
  • @ishuar: Actually I have a `mysql` installed locally that works with either `mysql -u root -p11111` or `mysql -u a -p11111` and I wanted to create such a passwords and users for the `mysql pod` as well. But I don't know how can I do that? – best_of_man Jan 15 '23 at 23:53

1 Answers1

1

As mentioned in my comment already, your .yaml is not a valid file for secret kind. You are passing incorrect values to the data section.

While creating secrets via YAML you have to explicitly pass base64 encoded strings it does not automatically do that like in the CLI command.

  • Number types values 111111 are not accepted or in more general only base64 encoded string values are acceptable.
  • metadata.key is an unknown field in the secret kind. You have to remove it not sure what exactly you want to achieve with it so can't recommend something anything other than removing it.

Fix For Data Section.

First, you have to encode your values in base64 and then to have you use those base64 encoded values.

➜  secrets-error git:(main) ✗ echo "11111" | base64 
MTExMTEK
➜  secrets-error git:(main) ✗ echo "a" | base64    
YQo=
  • Update .yaml file with correct data values and remove metadata.key
apiVersion: v1
kind: Secret
metadata:
  name: mysql-secret
type: Opaque
data:
  mysql-root-password: MTExMTEK
  mysql-user: YQo=
  mysql-password: MTExMTEK

Edited

you should have base64 binary installed on your machine to use my above-mentioned commands otherwise can also use kubectl or any online base64 converter to do it for you.

  • With kubectl commands.
## To Just generate the Yaml file if only want to create secret via YAML.
kubectl create secret generic mysql-secret --from-literal=mysql-root-password="111111" --from-literal=mysql-password="111111" --from-literal=mysql-user="a"  -o yaml --dry-run=client
ishuar
  • 1,193
  • 1
  • 3
  • 6
  • Thank you so much for the help. Please also read the added edit part to my quesion. – best_of_man Jan 16 '23 at 00:18
  • In summary, I don't know if I remove `key: MY_SQL` how can I fill out the `key:` property in the other `deployment` files like `auth` that I added it's code to my question. – best_of_man Jan 16 '23 at 00:27
  • I get such an error without the `key` : `- deployment/mysql: container mysql in error: &ContainerStateWaiting{Reason:CreateContainerConfigError,Message:couldn't find key MYSQL_KEY in Secret default/mysql-secret,}` – best_of_man Jan 16 '23 at 00:32
  • Honestly this is beyond the real question scope but i believe what you want to do is to set up env variable "MYSQL_KEY" in the pod via secretKeyRef then just use name: MYSQL_KEY and value: whateverValue. If this does not help. I would request you to open another question to maintain the question context. – ishuar Jan 16 '23 at 22:21