Home > OS >  Using kubernetes secret env var inside another env var
Using kubernetes secret env var inside another env var

Time:01-22

I have a secret being used as env var in another env var as follows:

- name: "PWD"
  valueFrom:
    secretKeyRef:
      name: "credentials"
      key: "password"
- name: HOST
  value: "xyz.mongodb.net"
- name: MONGODB_URI 
  value: "mongodb srv://user:$(PWD)@$(HOST)/db_name?"

When i exec into the container and run env command to see the values of env i see -

mongodb srv://user:password123  
@xyz.mongodb.net/db_name?

The container logs show error as authentication failure. Is this something that is expected to work in kubernetes ? There docs talk about dependent env vars but do not give example using secrets. Did not find clear explanation on this after extensive search. Only found this one article doing something similar.

Some points to note -

  • The secret is a sealed secret.
  • This is the final manifest's contents, but all this is templated using helm.
  • The value is being used inside a spring boot application

Is the new line after 123 expected ? If this evaluation of env from a secret in another env is possible then what am I doing wrong here ?

CodePudding user response:

The issue was with the command used to encode the secret - echo "pasword" | base64. The echo adds a newline character at the end of the string. Using echo -n "password" | base64 fixed the secret. Closing the issue.

  • Related