Question

我有一个带有某些键的json文件：

{
  "a":"someval"
  "b":"someval"
  .. more keys
}

如何将这些密钥添加到kubernetes中的秘密中？

当我尝试$ kubectl create secret generic mysecret --from-file=file.json时，它会返回包含文件的机密，但是我想将文件的内容映射到机密，而不是将文件添加为机密。

>

输出：

$ kubectl get secret -n staging personalbillett-auth0-login-credentials -o yaml

apiVersion: v1
data:
  file.json: #base64 encoded stuff here.
kind: Secret

想要的输出：

$ kubectl get secret mysecret -o yaml

apiVersion: v1
data:
  a: someval
  b: someval
kind: Secret

我在做什么错？

Answer 1

尝试这些步骤

kubectl proxy --port 8000 &  
curl localhost:8000/api/v1/namespaces/default/secrets 

curl localhost:8000/api/v1/namespaces/default/secrets \
  -X POST -H "Content-Type: application/json" \
  --data '{"metadata":{"name":"mytest"},"stringData":{"a":"test","b":"test","c":"test"}}'

master $ curl localhost:8000/api/v1/namespaces/default/secrets/mytest{
  "kind": "Secret",
  "apiVersion": "v1",
  "metadata": {
    "name": "mytest",
    "namespace": "default",
    "selfLink": "/api/v1/namespaces/default/secrets/mytest",
    "uid": "55736602-725e-11e9-b3a2-0242ac110034",
    "resourceVersion": "2948",
    "creationTimestamp": "2019-05-09T13:28:29Z"
  },
  "data": {
    "a": "dGVzdA==",
    "b": "dGVzdA==",
    "c": "dGVzdA=="
  },
  "type": "Opaque"
}

Answer 2

如果您具有扁平（非嵌套）JSON，请尝试以下操作（假设您已安装jq工具）：

kubectl create secret generic test --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" YOUR_FILE.json)

Answer 3

创建这样的json文件：

import org.jsoup.Jsoup;
import org.jsoup.nodes.Document;
import org.jsoup.nodes.Element;

public class WebScrape {
    public static void main(String[] args) throws Exception {
        Scanner scanner = new Scanner(System.in);
        System.out.println("Ticker: ");
        String userInput = scanner.next();
        final String url = "https://finviz.com/quote.ashx?t=" + userInput;

        try {
            final Document document = Jsoup.connect(url).get();
            ArrayList<String> dataArray = new ArrayList<>();
            for (Element row : document.select("table.fullview-title tr")) {
                if ( !row.select("td.fullview-title:nth-of-
                        type(2)").text().contentEquals("")) {
                        String data = row.select("td.fullview-title:nth-of-
                                type(2)").text();
                                dataArray.add(data);
            }

            System.out.println(dataArray);
        } catch (Exception ex) {
            ex.printStackTrace();
        }
    }
}

然后将其通过管道传递到kubectl create：

{ 
  "metadata": {
    "annotations": {},
    "name": "mytest",
    "namespace": "default"
  },
  "apiVersion": "v1",
  "kind": "Secret",
  "data": {
    "a": "dGVzdA==",
    "b": "dGVzdA=="
  }
}

Answer 4

您可以使用--from-literal：

kubectl create secret generic secretname --from-literal "someJsonKey=$(cat somejsonfile.json)"

然后您可以使用来恢复数据

kubectl get secret secretname -o 'go-template={{ .data.someJsonKey | base64decode }}'

从.json文件创建kubernetes机密

4 个答案: