Home > Enterprise >  Helm concatenate secretKeyRef into one env var
Helm concatenate secretKeyRef into one env var

Time:11-19

I am using helm 3, and would like to concatenate 3 secretRefKeys into a single value of Env Var.

This is my cronjob.yaml file:

apiVersion: batch/v1
kind: CronJob 
metadata:
  name: my-cronjob
spec:
  schedule: {{ .Values.cron }}
  jobTemplate:
    spec:
      template:
        spec:
          initContainers:
                - name: PREFIX
                  valueFrom:
                    secretKeyRef:
                      name: {{ .Values.secretName }}
                      key: prefix
                - name: ENV
                  valueFrom:
                    secretKeyRef:
                      name: {{ .Values.secretName }}
                      key: env
                - name: SUFFIX
                  valueFrom:
                    secretKeyRef:
                      name: {{ .Values.secretName }}
                      key: suffix
                - name: URL_FULL
                  value: $(PREFIX)$(ENV)$(SUFFIX)
          containers:
           .
           .
           .
           .
           .

I expect the value of URL_FULL to be the actual values of prefix env suffix concatenated.

But what I get with helm template command is literally what I write in the value:

            - name: URL_FULL
              value: $(PREFIX)$(ENV)$(SUFFIX)

Thanks in advance.

CodePudding user response:

That's correct; when you submit the pod spec to the Kubernetes API it will contain that literal string including the $(...) references (and also the secretRef: blocks and not the values of the secrets).

When Kubernetes creates the Pods and starts the containers, at that point the cluster itself will fill in all of the environment variables and do the string concatenation. If this were a Deployment, you'd be able to verify this by running

kubectl exec deployment/my-deployment -it -- \
  sh -c 'echo $URL_FULL'

(In a Job or CronJob you'd probably have to instrument the service itself to see this.)

CodePudding user response:

helm template is not going to resolve those environment variables, it is just going to render the template, as the documentation states.

You will need to deploy the chart. I've made a simple example:

apiVersion: v1
kind: Pod
metadata:
  name: nginx
  labels:
    app: nginx
spec:

  volumes:
    - name: shared-volume
      emptyDir: {}
  initContainers:
    - name: busybox
      image: busybox
      volumeMounts:
        - name: shared-volume
          mountPath: /nginx-data
      command: ["/bin/sh"]
      # sleep so that we could exec into it
      args: ["-c", "sleep 6000"]

      env:
        - name: PROP_ONE
          valueFrom:
            secretKeyRef:
              key: one
              name: secret-sample
        - name: PROP_TWO
          valueFrom:
            secretKeyRef:
              key: two
              name: secret-sample
        - name: PROP_THREE
          value: $(PROP_ONE)
  containers:
    - name: nginx
      image: nginx
      volumeMounts:
        - name: shared-volume
          mountPath: /usr/share/nginx/html

You can then issue :

helm install foo  .

Then issue a helm ls to see that it's there in the cluster.

Even if you now do a :

kubectl describe pod nginx | grep PROP_THREE

you will see that the reference is:

PROP_THREE:  $(PROP_ONE)

If you really want to see that env variable, you will have to exec into the container (I do not know of another way):

kubectl exec -it nginx -c busybox -- /bin/sh

And then:

   env | grep PROP_THREE
   PROP_THREE=bar

to see that it is resolved correctly.

Page link:https//www.codepudding.com/Enterprise/196773.html

Prev:Iterate Firestore Data using "ngx-datatable" in Angular
Next:Access minikube from inside docker/docker-compose on Linux
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding