Kubernetes Secrets create files that are mounted as a volumeMount.
There is possibility to put multiple files in a single Secret.
Is there a way to create a Secret that would put files in a directory structure (i.e. in a folder) ?
There is no sign of it in the docs, and using / is not allowed in the key name, so it seems like it is not possible (except for making multiple secrets and mounting them in different volumes)
Does anyone know better?
This is actually possible now: You need to use the items field to project the key/value pairs in the secret to specific paths that you want. See the example in the section titled "Projection of secret keys to specific paths" in the secrets documentation, which I've linked and copied below: https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets-as-files-from-a-pod
apiVersion: v1
kind: Pod
metadata:
name: mypod
spec:
containers:
- name: mypod
image: redis
volumeMounts:
- name: foo
mountPath: "/etc/foo"
readOnly: true
volumes:
- name: foo
secret:
secretName: mysecret
items:
- key: username
path: my-group/my-usernameThis will place the secret with key "username" at the path /my_secret_volume/my-group/my-username
No, subdirectories are not currently possible. There is work in progress to give more control over how data from a secret is injected into a pod, but that is not possible today