Tags: azure, spring-mvc, kubernetes, kubernetes-secrets, mounted-volumes

Read secret values from mounted volumes from a Spring MVC application


We have a Spring MVC application deployed using a Tomcat image in AKS. How do we get values from Secrets mounted as volumes?

Most of the examples point to Spring Boot only.

I am mounting values from the secret store:

kind: Pod
apiVersion: v1
metadata:
  name: nginx
  namespace: default
  labels:
    aadpodidbinding: pod-mi
spec:
  containers:
    - name: nginx
      image: nginx
      volumeMounts:
        - name: foo
          mountPath: "/mnt/secrets"
          readOnly: true
  volumes:
    - name: foo
      csi:
        driver: secrets-store.csi.k8s.io
        readOnly: true
        volumeAttributes:
          secretProviderClass: spc.

I can see the secrets get mounted correctly:

kubectl -n default exec -it nginx -- bash
root@nginx:/# ls /mnt/secrets
service-one-secret
service-two-secret

cat service-one-secret doesn't return anything.

Can anyone suggest a way to read its values from a Spring MVC application?


Solution

  • When you mount the secret as a volume in the container, it shows the data of the secret at that path. For example, you create a secret with the command:

    kubectl create secret generic basic-secret \
      --from-literal=username="jsmith" \
      --from-literal=password="mysupersecurepassword"
    

    Then you mount the secret as a volume:

    ...
    spec:
      volumes:
      - name: vol-secret
        secret:
          secretName: basic-secret
      containers:
      ...
        volumeMounts:
        - name: vol-secret
          mountPath: /etc/app/secrets
    

    Then you can see the files named username and password in the path /etc/app/secrets, and the values look like this:

    / # ls /etc/app/secrets
    password  username
    / # cat /etc/app/secrets/password
    mysupersecurepassword
    / # cat /etc/app/secrets/username
    jsmith
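
An added example, not part of the original answer: one way to read the mounted files from plain Java, as a Spring MVC application without Spring Boot would. The class name `MountedSecrets` and the temporary directory are assumptions for illustration; the sample files are constructed and stand in for the /etc/app/secrets mount. An empty file, as in the question, is rejected by key name instead of being used as a credential.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.DirectoryStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.Map;
import java.util.TreeMap;

// Hypothetical helper class, not from the page or from Spring.
public class MountedSecrets {

    /** Reads each file in a mounted secret directory into a key -> value map. */
    public static Map<String, String> load(Path dir) throws IOException {
        Map<String, String> secrets = new TreeMap<>();
        try (DirectoryStream<Path> entries = Files.newDirectoryStream(dir)) {
            for (Path entry : entries) {
                String key = entry.getFileName().toString();
                // Kubernetes keeps "..data" and timestamped "..*" entries for
                // atomic updates; the visible keys are symlinks into them.
                if (key.startsWith(".") || !Files.isRegularFile(entry)) {
                    continue;
                }
                String value = new String(Files.readAllBytes(entry), StandardCharsets.UTF_8);
                // Assumption: a trailing newline is an artifact of how the value was written.
                value = value.replaceAll("[\\r\\n]+$", "");
                if (value.isEmpty()) {
                    // Name the key only; never put secret values in messages or logs.
                    throw new IllegalStateException("Secret file is empty: " + key);
                }
                secrets.put(key, value);
            }
        }
        return secrets;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample standing in for the /etc/app/secrets mount.
        Path dir = Files.createTempDirectory("secrets");
        Files.write(dir.resolve("username"), "jsmith".getBytes(StandardCharsets.UTF_8));
        Files.write(dir.resolve("password"), "mysupersecurepassword\n".getBytes(StandardCharsets.UTF_8));
        Files.createDirectory(dir.resolve("..data"));

        Map<String, String> secrets = load(dir);
        // Print key names and lengths only, never the values.
        secrets.forEach((k, v) -> System.out.println(k + " (" + v.length() + " chars)"));
    }
}
```

In the application, call `load` with the pod's mount path (for example `Paths.get("/etc/app/secrets")`) during context start-up and hand the map to whatever bean needs the credentials.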