Kubernetes secret generated

Time:06-16

I want to put the following YAML into a Kubernetes secret with Terraform:

type: GCS
config:
  bucket: bucket-name
  service_account: |-
    {
      "type": "service_account",
      "project_id": "project-id-34657345",
      "private_key_id": "fdsaf7sdfa90f87sd9f80",
      "private_key": "-----BEGIN PRIVATE KEY-----\nñlfjdlñkasjfasdñklfjsdklñaf\n-----END PRIVATE KEY-----\n",
      "client_email": "[email protected]",
      "client_id": "6745876867",
      "auth_uri": "https://accounts.google.com/o/oauth2/auth",
      "token_uri": "https://oauth2.googleapis.com/token",
      "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
      "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/[email protected]"
    }

But my code is generating the YAML below:


"config": |
  "bucket": "bucket-name"
  "service_account": |
    {
      "type": "service_account",
      "project_id": "project-id-34657345",
      "private_key_id": "fdsaf7sdfa90f87sd9f80",
      "private_key": "-----BEGIN PRIVATE KEY-----\nñlfjdlñkasjfasdñklfjsdklñaf\n-----END PRIVATE KEY-----\n",
      "client_email": "[email protected]",
      "client_id": "6745876867",
      "auth_uri": "https://accounts.google.com/o/oauth2/auth",
      "token_uri": "https://oauth2.googleapis.com/token",
      "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
      "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/[email protected]"
    }
"type": "GCS"

My terraform code:

locals {
  service_account_value = base64decode(var.json_key)

  thanos_config = yamlencode(
    {
      type = "GCS"
      config = yamlencode(
        {
          bucket          = var.bucket_name
          service_account = local.service_account_value
        }
      )
    }
  )
}

resource "kubernetes_secret" "secret" {
  metadata {
    name      = var.secret_name
    namespace = var.namespace
  }
  data = {
    thanos-config = local.thanos_config
  }
}

The secret generated with Terraform doesn't work. If I create the secret manually with the first YAML, everything is fine... Any idea? What am I missing?

CodePudding user response:

Thanks to Marko E's comment, I realized that the yamlencode after config wasn't necessary. Final code:

locals {
  service_account_value = base64decode(var.json_key)

  thanos_config = yamlencode(
    {
      type = "GCS"
      config = {
        bucket          = var.bucket_name
        service_account = local.service_account_value
      }
    }
  )
}
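
One way to catch this double-encoding at plan time instead of discovering it in the cluster, as an added example that is not part of the original question or answer. It assumes Terraform 1.2 or later for `precondition`; the variable declarations, the `sensitive` flag, the `thanos_decoded` local and both checks are additions, while the other names come from the post.

```hcl
# Added example (not the poster's code). Names come from the post; the
# variable blocks, thanos_decoded and the preconditions are assumptions.
variable "json_key" {
  type      = string
  sensitive = true # base64-encoded service account key file
}
variable "bucket_name" { type = string }
variable "secret_name" { type = string }
variable "namespace" { type = string }

locals {
  service_account_value = base64decode(var.json_key)

  thanos_config = yamlencode({
    type = "GCS"
    config = {
      bucket          = var.bucket_name
      service_account = local.service_account_value
    }
  })

  # Round-trip the rendered document so its shape can be checked.
  thanos_decoded = yamldecode(local.thanos_config)
}

resource "kubernetes_secret" "secret" {
  metadata {
    name      = var.secret_name
    namespace = var.namespace
  }
  data = {
    thanos-config = local.thanos_config
  }

  lifecycle {
    precondition {
      # With a nested yamlencode, "config" decodes to a string, attribute
      # access on it fails, and can() returns false.
      condition     = can(local.thanos_decoded.config.bucket)
      error_message = "thanos-config: config must be a YAML mapping, not a string."
    }
    precondition {
      # service_account must be the JSON key file carried as a string.
      condition     = can(jsondecode(local.thanos_decoded.config.service_account))
      error_message = "thanos-config: service_account is not valid JSON."
    }
  }
}
```

Marking `json_key` as sensitive keeps the decoded private key out of plan output, but the value is still written to the Terraform state, so the state backend needs the same access controls as the key itself.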