Home > front end >  Springboot: How to reference a variable from Kubernetes secret
Springboot: How to reference a variable from Kubernetes secret

Time:12-22

I have springboot2.4.0. I am trying to read a variable in K8s secret by using springboot @Value and application.properties but it doesn't work out. It can only print localxyz instead of dXNlcg==("user"). Anything I'm doing wrong?

My springboot property holder

@Component
@Getter
public class PropertyHolder {
    @Value("${secret.abc}")
    private String abc;
}

Application.properties

secret.abc=localxyz
#---
spring.config.activate.on-profile=dev
secret.abc=${AAA}//Is this right?

secret.yaml

apiVersion: v1
kind: Secret
metadata:
  name: secret.abc
data:
  abc: dXNlcg==

deployment.yml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: test-ing-app
spec:
  replicas: 1
  selector:
    matchLabels:
      app: test-ing-app
  template:
    metadata:
      labels:
        app: test-ing-app
    spec:
      containers:
      - name: config-demo
        image: xxxxx
        env:      
        - name: SPRING_PROFILE
          value: dev
        - name: SPRING_APPLICATION_JSON
          valueFrom:
            configMapKeyRef:
              name: spring-config
              key: dev-config.json
        - name: AAA # Is this just a arbitrary name?
          valueFrom:
            secretKeyRef:
              name: secret.abc
              key: abc
        ports:
        - containerPort: 8080

CodePudding user response:

AAA is not arbitrary. You will have to use this name in your application.properties to get the value as shown below

secret.abc=${AAA}

Deployment:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: test-ing-app
spec:
  replicas: 1
  selector:
    matchLabels:
      app: test-ing-app
  template:
    metadata:
      labels:
        app: test-ing-app
    spec:
      containers:
      - name: config-demo
        image: xxxxx
        env:      
        - name: SPRING_PROFILE
          value: dev
        - name: SPRING_APPLICATION_JSON
          valueFrom:
            configMapKeyRef:
              name: spring-config
              key: dev-config.json
        - name: AAA # Is this just a arbitrary name?
          valueFrom:
            secretKeyRef:
              name: secretabc
              key: abc
        ports:
        - containerPort: 8080

Also, your secretKeyRef name appears to be mismatching. Change to name: secretabc in your deployment.yaml. db-secret seems to be undefined

CodePudding user response:

The key-value in application.properties after the #--- won't be read.(There could be a way to make it work but I don't know)

secret.abc=localxyz
#---
spring.config.activate.on-profile=dev
secret.abc=${AAA}//Is this right?

So in my application

@Value("${secret.abc}")
    private String abc;

will only read secret.abc=localxyz. But by using kubectl exec pod123 -- printenv I do see AAA available. So the code need to be changed to

@Value("${AAA}")
    private String abc;

then it can read from the secret.

  • Related