Stack Overflow
Stack Overflow

Questions tagged [kubernetes-secrets]

415 questions
0
votes
1 answer

k8s secret rotation with SQL server

Is it possible to do SQL Server secret rotations? Scenario: CI/CD pipes with helm chart for SQL server Including secret, persistent volume, persistent volume claim, deployment (persistent volume is a NFS is my case, and the k8s is bare metal, if…
Henkolicious
  • 1,273
  • 2
  • 17
  • 34
0
votes
1 answer

Substitute password in helm values file prometheus blackbox exporter http target

I'm trying to do an aliveness-check to rabbitmq management console via http api. I have the target in the helm values file under endpoints; I'm using http probe. endpoints: - module: rabbit_alive_check port: http scheme: http …
karthick
  • 57
  • 1
  • 2
  • 6
0
votes
1 answer

How to use two jsons using secrets to authenticate to google in java

Do to companies restriction, I have to use different service accounts for different google services. One of the accounts is for pubsub and a second one is for bigquery. I've gotten the pubsub authentication to work with spring. Snippet …
GriffiN
  • 84
  • 10
0
votes
2 answers

Use kubernetes secret with GKEPodOperator in Airflow

I am trying to use a GOOGLE_APPLICATION_CREDENTIALS secret with GKEPodOperator. Basically I want to: 1. Upload the secret to GKE 2. Mount (?) the secret to a container 3. Use the secret when running the container. Until now I have added the…
wital
  • 13
  • 4
0
votes
1 answer

Best Practice For Getting Credentials in to Spring boot app from gitlab

I have a project in which I use the following technologies mysql spring boot (including spring jdbc template) docker kubernetes gitlab (ci/cd). As per the spring boot standard, I pass database credentials in as environment variables. These…
Connor Butch
  • 648
  • 1
  • 10
  • 28
0
votes
2 answers

Byte array as kubernetes secret?

I am wondering if it is possible to have a byte array as kubernetes secret. I created a byte array and a base64-encoded string as below SecureRandom random = new SecureRandom(); byte bytes[] = new byte[32]; random.nextBytes(bytes); …
Martin Baeumer
  • 189
  • 1
  • 1
  • 9
0
votes
1 answer

Using different Secrets in sts replicas

I'm trying to use different secrets on a StatefulSet, based on the index o the pods. Here is the things I tried: env: - name: POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath:…
Marco Reply
  • 25
  • 5
0
votes
1 answer

generate dynamic runtime YAML for container with k8s secrets

I'm deploying a service which rigidly takes a YAML config that looks something like this: # /config/srv.yaml # # ... # tenantid: '...' clientid: '...' certfile: '/config/client/client.crt' keyfile: '/config/client/client.key' # # ... # TL;DR; I…
colm.anseo
  • 19,337
  • 4
  • 43
  • 52
0
votes
1 answer

Helm secrets plugin unable to decrypt secrets.yaml encrypted before with GPG key

I have got a problem with decryption of my secrets.yaml file. The process freez like on pic. below: helm secrets dec Based on the example from official documentation: https://github.com/futuresimple/helm-secrets 1) I have my gpg key fingerprint…
PabloKielek
  • 23
  • 4
0
votes
1 answer

Create or edit Kubernetes secret from a job

I am trying to generate a Kubernetes secret from a Kubernetes job. The secret is a TLS certificate, for elasticsearch transport, I tried this job: apiVersion: batch/v1 kind: Job metadata: name: conso-security-tls-gen-certs spec: template: …
Thomas Decaux
  • 21,738
  • 2
  • 113
  • 124
0
votes
1 answer

How to store/retrieve KMS encrypted .enc file in/from kubernetes secrets

I have an .enc file that has been encrypted by a GCP KMS key. I stored this encrypted file as a secret in kubernetes . Kubernetes cluster has permissions to access KMS key. Now i want to decrypt stored encrypted file using key when container is…
Nipu
  • 653
  • 1
  • 8
  • 15
0
votes
1 answer

kubctl not pulling images from public registry but docker pull works

In the fresh vmware PKS kubernetes cluster, the secret is created for private docker-registry and it works as expected. But the kubectl is not pulling the image from public registry "https://registry-1.docker.io/v2/". I am connected to corporate…
intechops6
  • 1,007
  • 4
  • 22
  • 43
0
votes
1 answer

CreateContainerConfigError while migrating Kubernetes cluster

We are migrating the K8S cluster to the new AWS region. using the following command on Dev server which needs to be migrated: $ kubectl get secrets -n cog-stage -o yaml --export > secrets-mumbairegion.yaml on POC server in AWS Mumbai region :…
Ashish Karpe
  • 5,087
  • 7
  • 41
  • 66
0
votes
2 answers

how to secure the plain credentials used in k8s pull secrets

We are seeing the plain credentials as part of k8s pull secrets file. Is there any way to safely secure them so that admin/user who have full rights cannot misuse them? Pull-Secret Example: .dockercfg: {"dockercentral.test.com:5050": …
Manigandan Thanigai Arasu
  • 627
  • 3
  • 10
  • 24
0
votes
1 answer

Helm Secrets Unable To Recognize Data

I am trying to implement Helm Secrets on a simple application. I want to install the app using the Helm Secrets plugin. Here's my encrypted templates/secrets.yaml file: apiVersion:…
Barrett
  • 23
  • 6
1 2 3
27 28