added Secrets documentation

README.md

@@ -18,6 +18,11 @@ Kubernetes is an open‑source platform that automates the deployment, scaling,
     - [control plane - NoSchedule](#control-plane---noschedule)
   - [Resources](#resources)
   - [Services Accounts](#services-accounts)
+- [Secrets](#secrets)
+  - [Manifest - Opaque / Base64](#manifest---opaque--base64)
+  - [Manifest - StringData](#manifest---stringdata)
+  - [Inline with heredoc and environment variables](#inline-with-heredoc-and-environment-variables)
+  - [substr](#substr)
 
 ## k3s
 
@@ -208,3 +213,80 @@ kubectl get secret <secret_name> -o jsonpath='{.data.token}' | base64 -d > ./ser
 ```bash
 kubectl config view --raw -o jsonpath='{.clusters[0].cluster.certificate-authority-data}' 
 ```
+
+## Secrets
+
+### Manifest - Opaque / Base64
+
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: secret-name
+  namespace: namespace-name
+type: Opaque
+data:
+  SERVER_ADDRESS: MTI3LjAuMC4x # 127.0.0.1 BASE64
+```
+
+### Manifest - StringData
+
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: secret-name
+  namespace: namespace-name
+stringData:
+  SERVER_ADDRESS: 127.0.0.1
+```
+
+### Inline with heredoc and environment variables
+
+``` bash
+SERVER_ADDRESS=127.0.0.1
+kubectl apply -f - <<EOF
+apiVersion: v1
+kind: Secret
+metadata:
+  name: secret-name
+  namespace: namespace-name
+stringData:
+  SERVER_ADDRESS: ${SERVER_ADDRESS}
+EOF
+```
+
+### substr
+
+**yaml secret template:**
+
+``` yaml
+# ./secret.yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: secret-name
+  namespace: namespace-name
+stringData:
+  SERVER_ADDRESS: ${SERVER_ADDRESS}
+```
+
+``` bash
+export SERVER_ADDRESS="127.0.1"
+envsubst < ./secret.yaml | kubectl apply -f -
+```
+
+**env file and envsubst:**
+
+``` bash
+#---
+# ./.env
+# content:
+# SERVER_ADDRESS=127.0.0.1
+#---
+set -a
+source ./.env
+set +a
+envsubst < ./secret.yaml | kubectl apply -f -
+
+```