I have worked on grabbing Kubernetes secrets with a .yml file for weeks, but to no avail. My script is currently triggered by a KafkaTrigger, which cannot pull in secrets from Kubernetes. Grabbing the secrets, we are left with two possibilities: 1) pull in secrets from python or 2) create a second .yml file. Option 1) is not possible, since I would still need an .ssh key in my requirements.txt file, exposing an internal code base. Ideally, the .yml could pull in the .ssh key. My question is: how could you create a .yml file with two scripts running, a) the KafkaTrigger, and b) the code which pulls in secrets? The KafkaTrigger should not change, so what changes can I make to get the .yml logic to work? In particular, are the apiVersions and kind correct? Do I need an image for this code to work?
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: test-bot-grab-secrets
namespace: name
spec:
template:
spec:
containers:
- name: test-bot-grab-secrets
image: img
env:
- name: SQL_URI
valueFrom:
secretKeyRef:
name: SECRET_NAME
key: SQLALCHEMY_URI
Please tell me if these questions are not clear! Thanks!