I am mounting db secrets as a file in my Kubernetes container. Db secrets will get updated after the password expiry time. I am using polling mechanism to check if Db secrets has been reset to updated value. Is it possible to change mounted secret inside file.

CodePudding user response：

is secret mounted as file is editable from application code in kubernetes

The file which gets loaded into the container will be loaded in readonly format, so loaded file can't be edited from inside the container. But secret can be edited from either updating the secret or copying the file into different location within the container.

CodePudding user response：

I'm not sure how you did it. Putting the yaml format of pod configuration would help more. for example if you use hostPath to mount a file inside the container, every time you change the source file, you see the changes inside the container. for example

apiVersion: v1
kind: Pod
metadata:
  name: test-pod
spec:
  containers:
  - image: busybox
    name: test-container
    command: ["/bin/sh", "-c", "sleep 36000"]
    volumeMounts:
    - mountPath: /etc/db_pass
      name: password-volume
  volumes:
  - name: password-volume
    hostPath:
      path: /var/lib/original_password
      type: File