helm-secrets
helm-secrets copied to clipboard
doesnt decode secret file
I have a secret file, that is my dockerconfigjson for a private repository. I am able to encode this json string no worries, and then decode it no worries manually.
However passing it into comand:
helm template . -f values/local.values.yaml -f secrets/docker.secret.yaml -f secrets/local.secrets.yaml > template.yaml
I look at the output and it is the same encoded value.
apiVersion: v1
kind: Secret
metadata:
name: docker-secret
# uid: 51a2d001-9b41-11e9-b591-0800274eb36e
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: {{ .Values.docker_auth_secret | b64enc | quote }}
when this is compiled. the b64enc is equal to the encoded value.
ENC[AES256_GCM,data:....]
I have another secret file, which actually works no problem. So it must be something to do with the value. it is quite a long value because its a json string.
Ok the solution was because of the way the file was named. I assumed that it would just look at the file contents and if there is a sops then it would decode it. However it seemed to only accept secrets.yaml
and secrets.*.yaml
files.
is it possible to change this pattern at all ? so it can be .secrets?.yaml$
.
Yes this is a real annoyance. I created ticket #128 for this. Seems like the fix should be really easy to allow additionally secrets-something which is more intuitive for describing the secrets file.