added Secrets documentation

2025-11-23 11:39:49 +00:00
parent d6359cdd20
commit 6911b2b98d
1 changed files with 82 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -18,6 +18,11 @@ Kubernetes is an open‑source platform that automates the deployment, scaling,
    - [control plane - NoSchedule](#control-plane---noschedule)
  - [Resources](#resources)
  - [Services Accounts](#services-accounts)
 - [Secrets](#secrets)
  - [Manifest - Opaque / Base64](#manifest---opaque--base64)
  - [Manifest - StringData](#manifest---stringdata)
  - [Inline with heredoc and environment variables](#inline-with-heredoc-and-environment-variables)
  - [substr](#substr)
 ## k3s
@@ -208,3 +213,80 @@ kubectl get secret <secret_name> -o jsonpath='{.data.token}' | base64 -d > ./ser
 ```bash
 kubectl config view --raw -o jsonpath='{.clusters[0].cluster.certificate-authority-data}' 
 ```
 ## Secrets
 ### Manifest - Opaque / Base64
 ```yaml
 apiVersion: v1
 kind: Secret
 metadata:
  name: secret-name
  namespace: namespace-name
 type: Opaque
 data:
  SERVER_ADDRESS: MTI3LjAuMC4x # 127.0.0.1 BASE64
 ```
 ### Manifest - StringData
 ```yaml
 apiVersion: v1
 kind: Secret
 metadata:
  name: secret-name
  namespace: namespace-name
 stringData:
  SERVER_ADDRESS: 127.0.0.1
 ```
 ### Inline with heredoc and environment variables
 ``` bash
 SERVER_ADDRESS=127.0.0.1
 kubectl apply -f - <<EOF
 apiVersion: v1
 kind: Secret
 metadata:
  name: secret-name
  namespace: namespace-name
 stringData:
  SERVER_ADDRESS: ${SERVER_ADDRESS}
 EOF
 ```
 ### substr
 **yaml secret template:**
 ``` yaml
 # ./secret.yaml
 apiVersion: v1
 kind: Secret
 metadata:
  name: secret-name
  namespace: namespace-name
 stringData:
  SERVER_ADDRESS: ${SERVER_ADDRESS}
 ```
 ``` bash
 export SERVER_ADDRESS="127.0.1"
 envsubst < ./secret.yaml | kubectl apply -f -
 ```
 **env file and envsubst:**
 ``` bash
 #---
 # ./.env
 # content:
 # SERVER_ADDRESS=127.0.0.1
 #---
 set -a
 source ./.env
 set +a
 envsubst < ./secret.yaml | kubectl apply -f -
 ```