We are storing secrets in GCP Secret Manager, during an app deployment we using an init container which fetches secrets and places them in volume (path). Going forward we need the requirement is to load the secrets as env variable on the main container needing the secrets from the init container, instead of the paths. How can it be achieved ? Any workaround ?
Thank you !
You can copy from GSM into a Kubernetes Secret and then use that in a normal envFrom
or you can have the init container write a file into a shared emptyDir volume and then change the command on the main container to be something like command: [bash, -c, "source /shared/env && exec original command"]
. The latter requires you rewrite the command fully though which is annoying.