I'm struggling at having secrets read using application.yml.
When I do:
quarkus:
application:
name: pi-quarkus-fund-persistence-service
kubernetes-config:
enabled: true
fail-on-missing-config: false
config-maps: pi-quarkus-fund-persistence-service-configmap
secrets: pi-quarkus-fund-persistence-service-secrets
enabled: true
The build fails with:
Failed to build quarkus application: mapping values are not allowed here
in 'reader', line 16, column 20:
enabled: true
^
When:
quarkus:
application:
name: pi-quarkus-fund-persistence-service
kubernetes-config:
enabled: true
secrets.enabled: true
fail-on-missing-config: false
config-maps: pi-quarkus-fund-persistence-service-configmap
secrets: pi-quarkus-fund-persistence-service-secrets
The build fails with:
Unrecognized configuration key "quarkus.kubernetes-config."secrets.enabled"" was provided; it will be ignored; verify that the dependency extension for this configuration is set or you did not make a typo
When:
quarkus.kubernetes-config.secrets.enabled: true
quarkus:
application:
name: pi-quarkus-fund-persistence-service
kubernetes-config:
enabled: true
fail-on-missing-config: false
config-maps: pi-quarkus-fund-persistence-service-configmap
secrets: pi-quarkus-fund-persistence-service-secrets
The build succeed but the service fails at startup with:
Configuration is read from Secrets [pi-quarkus-fund-persistence-service-secrets], but quarkus.kubernetes-config.secrets.enabled is false. Check if your application's service account has enough permissions to read secrets.
When I look at this commit: https://github.com/quarkusio/quarkus/commit/93f00af9444deafe950afa1fad60f56fceb81ca3
Line 48: // TODO: should probably use converter here
Could it be because the property is not converted from yaml?
I think this is just about how to write the correct YAML. It should be:
In retrospect,
quarkus.kubernetes-config.secrets.enabledwasn't the best choice for this config property, sorry about that :-(