K
Q

Change Kubernetes secrets file format in mounted volume

8/20/2021

I am able to get a secrets file pulled from AWS Secrets Manager and mounted in the container. The format of the secrets file is as follows:

{"testkey":"datepie"}

How do I reformat the file to be like this:

testkey=datepie

Here is my manifest file:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: test-app
  labels:
    app: test-app
spec:
  replicas: 2
  selector:
    matchLabels:
      app: test-app
  template:
    metadata:
      labels:
        app: test-app
    spec:
      serviceAccountName: test-service-account
      containers:
      - name: test-app
        image: 111122223333.dkr.ecr.us-west-2.amazonaws.com/test.example:test-service-1.0.0-main
        volumeMounts:
          - name: test-secrets
            mountPath: /mnt/
            readOnly: true
. . .
      volumes:
      - name: test-secrets
        csi:
          driver: secrets-store.csi.k8s.io
          readOnly: true
          volumeAttributes:
            secretProviderClass: test-secrets
-- Nova
aws-secrets-manager
kubernetes
kubernetes-secrets

Similar Questions

Airflow GKEPodOperator xcom_push returns None
Golang proxy in front of k8s api server hangs on kubectl delete pod with 'WINDOW_UPDATE'
some problem about initContainer for kubernetes
Issues of Spark Structured Streaming on Kubernetes
Exposing Custom Workload Metrics in Rancher

2 Answers

8/20/2021

What you see is what you get. The volume mount form will only ever be the value with the key as a filename.

-- coderanger
Source: StackOverflow
8/21/2021

I figured it out. Use the desired format in the AWS Secrets Manager itself, so in the "Secret value" part, select "Plaintext" and put testkey=datepie in the box. The "Secret key/value" tab will no longer be usable, which is not an issue.

enter image description here

-- Nova
Source: StackOverflow