Skip to content

Instantly share code, notes, and snippets.

@jmervine

jmervine/test-external-secrets.yaml

Last active April 18, 2019 18:17
Show Gist options
  • Save jmervine/682a1265c4cefae61b9d48a2e67e9c63 to your computer and use it in GitHub Desktop.
Save jmervine/682a1265c4cefae61b9d48a2e67e9c63 to your computer and use it in GitHub Desktop.
Download ZIP
godaddy external-secrets test
Raw
test-external-secrets.yaml
---
apiVersion: 'kubernetes-client.io/v1'
kind: ExternalSecret
metadata:
name: test-external-secrets
namespace: default
secretDescriptor:
backendType: secretsManager
data:
- key: /splunk/license
name: splunk_license
---
# This is optional as ExternalSecret will create it if it doesn't exist,
# however, it will ensure that the 'secret' entry is removed if delete is run on
# this file.
apiVersion: v1
kind: Secret
metadata:
name: test-external-secrets
namespace: default
type: Opaque
---
apiVersion: v1
kind: Pod
metadata:
name: test-external-secrets
namespace: default
spec:
containers:
- name: test-external-secrets
image: "ruby:latest"
command:
- "ruby"
- "-rbase64"
- "-e"
- "puts Base64.decode64(ENV.fetch('SPLUNK_LICENSE'))"
# Using 'ENV.fetch' above ensure that this container will go in to a
# failure loop until the secret is set and exists.
env:
- name: SPLUNK_LICENSE
valueFrom:
secretKeyRef:
name: test-external-secrets
key: splunk_license
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment