I have a kubernetes yaml deployment file which accepts db username and password as arguments as shown below.
args:
- "-db_host=postgres"
- "-db_port=5432"
- "-db_username=postgres"
- "-db_password=postgres"
To hide the values of db_username and db_password I thought of using kubernetes secret kind. But to achieve that I have to make db_username and db_password as environment variables so that I can use it something like as shown below:
args:
- "-db_host=postgres"
- "-db_port=5432"
env:
- name: db_username
valueFrom:
secretKeyRef:
name: db-secret
key: db-user
- name: db_password
valueFrom:
secretKeyRef:
name: db-secret
key: db-pass
Is there any way we can use secret in args itself so that I don't have to do the 2nd approach.
Once you have an environment variable you can embed its value into the arguments:
env:
- name: MESSAGE
value: "hello world"
command: ["/bin/echo"]
args: ["$(MESSAGE)"]
Or in your case:
args:
- "-db_host=postgres"
- "-db_port=5432"
- "-db_username=$(db_username)"
- "-db_password=$(db_password)"
env:
- name: db_username
valueFrom:
secretKeyRef:
name: db-secret
key: db-user
- name: db_password
valueFrom:
secretKeyRef:
name: db-secret
key: db-pass
The reference can be found here