Secret update k8s

From UVOO Tech Wiki
Revision as of 15:30, 28 February 2024 by Busk (talk | contribs) (Created page with "# OK kubectl create secret generic ssl-certs --from-file=ca-certificates.crt=./etc-ssl-certs/ca-certificates.crt --save-config --dry-run=client -o yaml | kubectl apply --serve...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

OK

kubectl create secret generic ssl-certs --from-file=ca-certificates.crt=./etc-ssl-certs/ca-certificates.crt --save-config --dry-run=client -o yaml | kubectl apply --server-side=true -f -

Better

https://stackoverflow.com/questions/45879498/how-can-i-update-a-secret-on-kubernetes-when-it-is-generated-from-a-file 

TLS_KEY=$(base64 < "./tls.key" | tr -d '\n')
TLS_CRT=$(base64 < "./tls.crt" | tr -d '\n')
kubectl get secrets production-tls -o json \
        | jq ".data[\"tls.key\"] |= \"$TLS_KEY\"" \
        | jq ".data[\"tls.crt\"] |= \"$TLS_CRT\"" \
        | kubectl apply -f -

Patch

kubectl \
        patch \
        secret \
        production-tls \
        -p "{\"data\":{\"tls.key\":\"${TLS_KEY}\",\"tls.crt\":\"${TLS_CRT}\"}}"
Retrieved from "https://tech.uvoo.io/index.php?title=Secret_update_k8s&oldid=5058"