Google Secrets
The google_secret_data
helper fetches secret data that is designed to be in one single file from Google Secrets.
Example
For example if you have these secret values stored as one file with multiple values separated by =
.
$ gcloud secrets versions access latest --secret demo-dev-secret-data
KEY1=secretvalue1
KEY2=secretvalue2
Kubes can fetch the secret data and base64 encode the values properly. Example:
.kubes/resources/shared/secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: demo
labels:
app: demo
data:
<%= google_secret_data("demo-dev-secret-data") %>
Notice how the text is idented properly by 2 spaces and the values are automatically base64 encoded.
.kubes/output/shared/secret.yaml
metadata:
namespace: demo
name: demo-2a78a13682
labels:
app: demo
apiVersion: v1
kind: Secret
data:
KEY1: c2VjcmV0dmFsdWUx
KEY2: c2VjcmV0dmFsdWUy
Options
Here’s an example of the available options for google_secret_data
.
google_secret_data("demo-#{Kubes.env}-secret-data", base64: true, ident: 2)