kubectl run with env var from a secret config

9/24/2018

How can I issue a kubectl run that pulls an environment var from a k8s secret configmap?

Currently I have:

kubectl run oneoff -i --rm NAME --image=IMAGE --env SECRET=foo

-- Alex Flint
kubernetes

2 Answers

9/25/2018

Look into the overrides flag of the run command... it reads as:

An inline JSON override for the generated object. If this is non-empty, it is used to override the generated object. Requires that the object supply a valid apiVersion field.

https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#run

So in your case I guess it would be something like:

kubectl run oneoff -i --rm --overrides='
{
  "spec": {
    "containers": [
      {
        "name": "oneoff",
        "image": "IMAGE",
        "env": [
          {
            "name": "ENV_NAME"
            "valueFrom": {
              "secretKeyRef": {
                "name": "SECRET_NAME",
                "key": "SECRET_KEY"
              }
            }
          }
        ]
      }
    ]
  }
}
'  --image= IMAGE
-- Charlino
Source: StackOverflow

9/25/2018

This is another one that does the trick:

 kubectl run oneoff -i --rm NAME --image=IMAGE --env SECRET=$(kubectl get secret your-secret -o=jsonpath="{.server['secret\.yml']}")
-- Rico
Source: StackOverflow