Home > OS >  Same secret for different services in k8s
Same secret for different services in k8s

Time:10-27

I have a situation when I want to use one Opaque secret in different service the only difference is that key should have different name:

f.e.

service1 should have env.variable named TOKEN and value SUperPassword111!

service2 should have env.variable named SRV__TOKEN and same value SUperPassword111!

Is it possible to use following secret for those those two service?

Here is the YAML for the secret

kind: Secret
apiVersion: v1
metadata:
  name: some_secret
immutable: false
data:
  TOKEN: U1VwZXJQYXNzd29yZDExMSEK
type: Opaque

CodePudding user response:

The name of an environment variable is specified within the container-spec while the value is referenced with secretKeyRef which specifies the secret to use and the key within this particular secret.

In other words, the name of the environment variable and the key as used in a secret are entirely independent. So, if I understood your question correctly, the answer to it is; yes it is possible.

See https://kubernetes.io/docs/concepts/configuration/secret/ for a detailed explanation and a full example for referencing a secret from a pod.

Here a simple excerpt tailored to your question:

container-spec for "service1"

...
  containers:
  - name: service1
    image: service1-image
    env:
      - name: TOKEN # the name of the env within your container
        valueFrom:
          secretKeyRef:
            name: some_secret
            key: TOKEN # the name as specified in the secret
...

container-spec for "service2"

...
  containers:
  - name: service1
    image: service1-image
    env:
      - name: SRV__TOKEN # the name of the env within your container
        valueFrom:
          secretKeyRef:
            name: some_secret
            key: TOKEN # the name as specified in the secret
...
  • Related