julienp/ksecretmanager

KSecretManager

Kustomize plugin to load secrets from Secret Manager

Install the plugin where kustomize can find it; see the documentation.

Add the generator to your kustomization.yaml:

resources:
  - ...
generators:
  - my-secret.yaml

Create my-secret.yaml:

apiVersion: github.com/julienp
kind: SecretManager
metadata:
  name: the-secret
secrets:
  - name: some_database_password # The name as specified in Google Secret Manager
  - name: another_secret
    key: ANOTHER_SECRET # optional, the key to use in the k8s Secret

Provide PROJECT_ID as an environment variable when running kustomize:

make build
PROJECT_ID=<my project id> KUSTOMIZE_PLUGIN_HOME=`pwd`/bin kustomize build --enable_alpha_plugins ./example

Set DRY_RUN as an environment variable to mock the creation of secrets, which is useful when the plugin should not hit Secret Manager:

make build
DRY_RUN=1 PROJECT_ID=<my project id> KUSTOMIZE_PLUGIN_HOME=`pwd`/bin kustomize build --enable_alpha_plugins ./example

This will generate the following secret:

apiVersion: v1
kind: Secret
metadata:
  name: the-secret
type: Opaque
data:
  some_database_password: <value>
  ANOTHER_SECRET: <value>
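
The generated Secret carries the values fetched from Secret Manager, and Kubernetes `data` fields are only base64-encoded, so build output that lands in a CI log or a saved file exposes them. The filter below is an added example, not part of KSecretManager: the function name `redact_secrets` is hypothetical, and it assumes block-style YAML such as kustomize emits.

```shell
#!/bin/sh
# Added example, not part of KSecretManager.
# redact_secrets: read multi-document YAML on stdin and print it with every
# value under data:/stringData: of a "kind: Secret" document replaced by
# <redacted>. Documents of any other kind pass through unchanged.
# Each document is buffered because kustomize prints data: before kind:.
# Assumes block-style YAML; flow-style maps (data: {a: b}) are not handled.
redact_secrets() {
  awk '
    function emit_doc(   i, line, in_data, key_ind, ind) {
      for (i = 1; i <= n; i++) {
        line = doc[i]
        if (is_secret && line ~ /^(data|stringData):/) {
          in_data = 1; key_ind = 0          # entering the value block
        } else if (is_secret && line ~ /^[^ #]/) {
          in_data = 0                       # next top-level key ends it
        } else if (in_data && line ~ /^ +[^ ]/) {
          match(line, /^ */); ind = RLENGTH
          if (key_ind == 0) key_ind = ind   # indent of the first key
          if (ind > key_ind) continue       # drop multi-line value bodies
          sub(/:.*/, ": <redacted>", line)
        }
        print line
      }
      n = 0; is_secret = 0
    }
    /^--- *$/          { emit_doc(); print; next }
    /^kind: *Secret *$/ { is_secret = 1 }
    { doc[++n] = $0 }
    END { emit_doc() }
  '
}

# Usage with the command from this page (logging the redacted form only):
#   PROJECT_ID=<my project id> KUSTOMIZE_PLUGIN_HOME=`pwd`/bin \
#     kustomize build --enable_alpha_plugins ./example | redact_secrets
```

Use the filter only on copies meant for logs or review; the unredacted stream is still what gets applied to the cluster.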