Store Service Credentials as Individual Key Value Secrets

Question

Store Service Credentials as Individual Key Value Secrets

Closed this issue 3 years ago · 3 comments

Currently we store the connection info in JSON format in a single secret. A user's request was to have multiple secrets created with a single key value and remove the need to use jq

For example: creating one for Service URI and a separate one for Service User or Service Password.

Answer 1 · 2021-07-26T12:46:08.000Z

Hey @encima, the jq usage is just an example on how to easily decode all the Secrets using the kubectl. You can use base64 as well, as described here.

Within the application (mounting a Secret on a Pod, for example) there's no need to decode.

Storing related secret information in multiple Kubernetes Secret resources is considered an anti-pattern. What would be the use case for such requirement?

Answer 2 · 2021-07-26T12:52:24.000Z

I am assuming they want a secret that is just the PG URI and not the whole object.

Did not know it was an antipattern though, thanks for that. Happy to close as won't do if that is the case.

Answer 3 · 2021-07-28T07:47:25.000Z

I think it is not on our roadmap for now, but we can implement if more people think it's necessary!