vals
vals copied to clipboard
helmfile
Decoding of Kubernetes Secrets fails when Secret has both data and stringData
When a Secret has both data and stringData, vals fails to decode it with mapping key "stringData" already defined at line x.
My guess from the error message is that vals tries to add a new stringData key instead of merging data with the existing one.
-
With only
dataorstringData, vals works well:$ cat secret.yaml --- apiVersion: v1 kind: Secret type: Opaque metadata: name: test data: MY_SUPER_SECRET: "[REDACTED]" $ vals eval --decode-kubernetes-secrets < secret.yaml apiVersion: v1 data: MY_SUPER_SECRET: MTIzYWJj kind: Secret metadata: name: test type: Opaque$ cat secret.yaml --- apiVersion: v1 kind: Secret type: Opaque metadata: name: test stringData: MY_SUPER_SECRET: "[REDACTED]" $ vals eval --decode-kubernetes-secrets < secret.yaml apiVersion: v1 data: MY_SUPER_SECRET: MTIzYWJj kind: Secret metadata: name: test type: Opaque -
With both
dataandstringData, regardless of where the reference is set, vals fails:$ cat secret.yaml --- apiVersion: v1 kind: Secret type: Opaque metadata: name: test data: foo: YmFy stringData: MY_SUPER_SECRET: "[REDACTED]" $ vals eval --decode-kubernetes-secrets < secret.yaml yaml: unmarshal errors: line 9: mapping key "stringData" already defined at line 7 $ vals ksdecode -f secret.yaml yaml: unmarshal errors: line 9: mapping key "stringData" already defined at line 7$ cat secret.yaml --- apiVersion: v1 kind: Secret type: Opaque metadata: name: test data: MY_SUPER_SECRET: "[REDACTED]" stringData: foo: bar $ vals eval --decode-kubernetes-secrets < secret.yaml yaml: unmarshal errors: line 9: mapping key "stringData" already defined at line 7 $ vals ksdecode -f secret.yaml yaml: unmarshal errors: line 9: mapping key "stringData" already defined at line 7
I’m running the latest version:
$ vals version
Version: 0.37.5
Git Commit: 4e977c561c3f09b8f16845e55cb8b72f1ae4d8b6
