How to Pass a Kubernetes Secret into a Helm Chart

By
William Rossbach
-
0
1
Asked By CodingNinja42 On

Hey everyone! I'm really struggling with trying to pass a variable/secret into a Helm chart. I have this secret created in Kubernetes:

```yaml
apiVersion: v1
kind: Secret
metadata:
name: some-secret
namespace: somenamespace
type: Opaque
stringData:
TOKEN: "1233xxxxxx"
```

Now, I'm trying to inject this secret into my Helm chart, which is actually an umbrella chart with another chart as a dependency. Here's the relevant part of my Helm template:

```yaml
apiVersion: grafana.integreatly.org/v1beta1
kind: GrafanaDatasource
metadata:
name: prometheus-datasource
namespace: somenamespace
spec:
instanceSelector: {}
allowCrossNamespaceImport: true
datasource:
access: proxy
database: prometheus
jsonData:
timeInterval: 1m
enableSecureSocksProxy: true
secureSocksProxyUsername : "xxxxxxxx" # I want this to be filled with the TOKEN from my secret
name: prometheus-local
type: prometheus
url: someurl:9090
```

I've spent a ton of time on this and could really use some help! It feels like this should be simpler than it is.

4 Answers

Answered By CloudWizard101 On

I get where you're coming from; dealing with Helm and Kubernetes secrets can be really tricky! If you're interested, my team developed a platform that could help automate some of these issues, especially for managing secrets across different environments. I'd love to chat about your setup or show you a demo to potentially ease some of this pain. Either way, hope you get it sorted out soon!

Answered By DockerDude99 On

Does your dependency chart provide a value for specifying the name of the secret? That's usually my go-to method. If not, you might have to add it to the relevant pod/deployment as an environment variable using `fromSecret`. Another way is to mount it as a file if the chart supports that. By the way, is the chart you're using public? If it’s a Grafana data source, you might be able to define your settings using environment variables instead!

Answered By HelmWhiz007 On

I totally understand your frustration—working with Helm and secrets can be a real pain! Helm doesn't access Kubernetes secrets during the template rendering phase, which is why you're running into this issue. Typically, you’d reference the secret as an environment variable in your deployment instead of trying to inject it directly. If you can modify the resource to pull the secret at runtime, that might work better. If you can share more details about your chart structure, maybe we can brainstorm some solutions!

Answered By K8S_Guru78 On

You should check out how to use `valueFrom` in the Grafana documentation. It can help you link to the secret without a hassle. Just take a look here: https://grafana.github.io/grafana-operator/docs/datasources/.

Related Questions

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.