Home > Software design >  How to use Kubernetes secret object stringData to store base64 encoded privateKey
How to use Kubernetes secret object stringData to store base64 encoded privateKey

Time:07-05

apiVersion: v1
kind: Secret
metadata:
  name: {{ include "backstage.fullname" . }}-backend
type: Opaque
stringData:
  GH_APP_PRIVATEKEY_BASE:|-
{{ .Values.auth.ghApp.privateKey | quote | b64dec | indent 2 }}

Getting error converting YAML to JSON: yaml: line 22: could not find expected ':' as the result when

trying to store a base64 encoded string to GH_APP_PRIVATEKEY_BASE

My application (backstage) is using helm charts to map the env secret.

I keep having trouble with storing/passing multi-line RSA. private key,

Currently trying to base64 encoded private key into one-liner, but still failed at validating the secret file. Would love to know other approach like passing a file with key written on it?

BTW, I use GITHUB_PRVATE_KEY=$(echo -n $GITHUB_PRVATE_KEY | base64 -w 0) and

helm_overrides="$helm_overrides --set auth.ghApp.clientSecret=$GITHUB_PRVATE_KEY"

at GitHub action to encoded the private key.

CodePudding user response:

Try increase the indent to 4:

...
stringData:
  GH_APP_PRIVATEKEY_BASE: |-
{{ .Values.auth.ghApp.privateKey | quote | b64dec | indent 4 }}

CodePudding user response:

GH_APP_PRIVATEKEY_BASE:|-

You need a space in there GH_APP_PRIVATEKEY_BASE: |-

Also not sure why you have a b64dec in there but I don't think that's the immediate problem.

  • Related