2f6e008121
This introduces support for looking up secret values in the 'pass' command line tool (https://www.passwordstore.org/). Values like passwords can be interpolated from pass and even more complex structures like certificates for Kubernetes Secrets can be retrieved and base64- encoded as necessary. Fixes #2
41 lines
787 B
YAML
41 lines
787 B
YAML
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: secret-certificate
|
|
data:
|
|
cert.pem: {{ passLookup "my/secret/certificate" | b64enc }}
|
|
---
|
|
apiVersion: extensions/v1beta1
|
|
kind: Deployment
|
|
metadata:
|
|
name: some-api
|
|
spec:
|
|
replicas: 1
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: some-api
|
|
spec:
|
|
containers:
|
|
- image: my.container.repo/some-api:{{ .version }}
|
|
name: some-api
|
|
env:
|
|
- name: ENABLE_IMPORTANT_FEATURE
|
|
value: {{ .importantFeature }}
|
|
- name: SOME_GLOBAL_VAR
|
|
value: {{ .globalVar }}
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: some-api
|
|
labels:
|
|
app: some-api
|
|
spec:
|
|
selector:
|
|
app: some-api
|
|
ports:
|
|
- port: 80
|
|
targetPort: {{ .apiPort }}
|
|
name: http
|