Overview

Secrets are used to store sensitive information such as user names and passwords. Creating a secret is fairly easy. We need to create a hash (the encrypted value that goes under encryptedData) and store it in a secret:

Initialization

Example

apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
  name: pgpool-secret
  namespace: db-test
  annotations:
    sealedsecrets.bitnami.com/namespace-wide: "true"
spec:
  encryptedData:
    BACKEND_PASSWORD0: HASH_VALUE
  template:
    metadata:
      name: pgpool-secret
      namespace: db-test
      annotations:
        sealedsecrets.bitnami.com/namespace-wide: "true"
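
One way to produce the value that replaces HASH_VALUE, shown as an added example that is not part of the original page: build a plain Secret manifest from a value read on stdin and pipe it through kubeseal. The function names render_secret and seal_secret and the output file name are hypothetical, and the example assumes kubeseal is installed and can reach the Sealed Secrets controller through the current kubeconfig.

```shell
#!/bin/sh
# Added example; render_secret and seal_secret are hypothetical helper names.

# Print a plain Secret manifest. The value is read from stdin so it never
# shows up in argv or shell history; it is base64-encoded into .data.
# usage: render_secret NAME NAMESPACE KEY < value
render_secret() {
  value_b64=$(base64 | tr -d '\n')
  cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: $1
  namespace: $2
type: Opaque
data:
  $3: $value_b64
EOF
}

# Encrypt that manifest with the controller's public key. The plain Secret
# only exists in the pipe; the SealedSecret on stdout is what gets applied.
# --scope namespace-wide emits the annotation used in the manifest above.
seal_secret() {
  command -v kubeseal >/dev/null 2>&1 || { echo "kubeseal not found" >&2; return 1; }
  render_secret "$@" | kubeseal --scope namespace-wide --format yaml
}

# Typical call (reads the value without echo, then seals it):
#   stty -echo; IFS= read -r pw; stty echo
#   printf '%s' "$pw" | seal_secret pgpool-secret db-test BACKEND_PASSWORD0 > pgpool-sealed.yaml
```

The base64 step is only encoding; the protection comes from the kubeseal encryption, so the output of render_secret should never be written to disk on its own.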

After that we can use this secret in a deployment, for example:

Usage

apiVersion: apps/v1
kind: Deployment
metadata:
  name: pgpool
  namespace: db-test
spec:
  replicas: 3
  selector:
    matchLabels:
      app: pgpool
  template:
    metadata:
      labels:
        app: pgpool
    spec:
      containers:
      - name: pgpool
        image: pgpool/pgpool
        envFrom:
          - secretRef:
              name: pgpool-secret           # <- THIS
          - configMapRef:
              name: pgpool-volume
          - configMapRef:
              name: pgpool-config
        volumeMounts:
        - name: pgpool-volume
          mountPath: /config
        - name: secret-volume
          mountPath: /etc/secrets
          readOnly: true
      volumes:
      - name: pgpool-volume
        configMap:
          name: pgpool-volume
      - name: secret-volume
        secret:
          secretName: pgpool-secret

This will export the variable BACKEND_PASSWORD0 into the container's environment. The same secret is also mounted read-only under /etc/secrets.