kubernetes: how to define which key-value pairs to be picked from an env file when creating k8s secret using --from-file or --from-env-file flag?

Question

I have an env file as below:

K1=s1
K2=s2
K3=s3
# many other key-value pairs I don't know about

I want to create a Kubernetes secret from K1 only

Actually, I am looking for a result that I would get if I had run kubectl create secret generic k1-secret --from-literal="K1=s1"

However

I want to read it from a file that has many keys
I don't want (I cannot) use imperative commands. I need to do it using a k1-secret.yaml file that I run kubectl create -f k1-secret.yaml

How can I do this?

A little background:

I am trying to pull github secrets and save them in a file in a GitHub action step. Then I want to have some helm chart files. In the helm's values.yaml I want to refer to the name of the secret like this:

generic_secret_keys:
    K1: K1
    k2: K2
    ....

Then in the template parts of the helm chart, I am going to have a secrets.yaml file. I am going to loop over the secrets in the values.yaml file and create them one by one. the first K1 is the key from the .env file and the second the secret name to be created. the value comes from the exported secret file.

More background: I am hoping to store the github secrets in an env file in a k=v pairs format

Your approach sounds like this https://phoenixnap.com/kb/helm-environment-variables. — Azeem, Apr 21 '23 at 16:06
to some extent. the prupose is to give developers somewhere to define the name of their secrets so it is picked by helm from there and read from env file (read from github secrets) — Amin Ba, Apr 21 '23 at 16:12
See https://stackoverflow.com/questions/75691648/how-to-inject-all-github-environment-specific-variables-from-vars-to-env-context. Use `secrets` instead of `vars` and redirect/append to `.env`. — Azeem, Apr 21 '23 at 16:37
Example: `echo '${{ toJSON(secrets) }}' | jq -r 'keys[] as $k | "\($k)=\(.[$k])"' >> .env` — Azeem, Apr 21 '23 at 16:37
you are awesome. okey. for the first step, `echo '${{ toJSON(secrets) }}' | jq -r 'keys[] as $k | "\($k)=\(.[$k])"' >> .env` write the secrets into a file named `.env` and it will be in a formart of `K1=v1` in each line — Amin Ba, Apr 21 '23 at 16:42
for the next step I am working on https://helm.sh/docs/chart_template_guide/control_structures/#looping-with-the-range-action — Amin Ba, Apr 21 '23 at 16:43
I think now I need a helm loop that loops through a list and then goes into the .env file and read the value from it and encode it base64 and print the key vlaue in the template — Amin Ba, Apr 21 '23 at 16:49
For `base64`: `echo '${{ toJSON(secrets) }}' | jq -r 'keys[] as $k | "\($k)=\(.[$k] | @base64)"' >> .env` — Azeem, Apr 21 '23 at 16:55
so I no more need to encode it. it is already encoded in the .env file. I just need to pick the value from the .env file base on the key in the loop — Amin Ba, Apr 21 '23 at 16:59
oh did not expect this `parse error: Invalid string: control characters from U+0000 through U+001F must be escaped at line 53, column 34 ` — Amin Ba, Apr 21 '23 at 22:33

kubernetes: how to define which key-value pairs to be picked from an env file when creating k8s secret using --from-file or --from-env-file flag?

0 Answers0