Interpolation issues with K8s mutating webhook
SalvaFiorenza8 opened this issue · 3 comments
After creating the mutating webhook using the docs,a secret:
berglas create secrets-bucket/my-secret "foo<bar" --key ${KMS_KEY}
a dockerized application in Flask:
import os
from flask import Flask
app = Flask(__name__)
@app.route('/')
def env_var():
return f"I have this env var! MY_SECRET={os.getenv('MY_SECRET')}"
and a K8s deployment:
...
command: ["flask", "run"]
args: ["--host", "0.0.0.0"]
env:
- name: MY_SECRET
value: berglas://secrets-bucket/my-secret
...
I expect to see in my browser the following message:
I have this env var! MY_SECRET=foo<bar
Instead I see:
I have this env var! MY_SECRET=foo
but if i execute
berglas access secrets-bucket/my-secret
I receive the correct value foo<bar
. So I suspect at some point, the webhook is interpolating the characters in the secret, I'm not used to K8s, Cloud Functions or Go yet and haven’t had a chance to check the cause properly. Other char that is also failing to show correctly is $
Can you view the page source? I suspect your browser is interpreting <bar
as the start of an html tag and therefore you don't see it...
Yeah that's rigth. The value appears at the HTML source. Thanks!
This issue has been automatically locked since there has not been any
recent activity after it was closed. Please open a new issue for
related bugs.