pythongoogle-cloud-platformgoogle-secret-manager

How do I access mounted secrets when using Google Cloud Run?


I have two questions:

  1. Why can't I mount two cloud secrets in the same directory?

    I have attempted to mount two secrets, FIREBASE_AUTH_SERVICE_ACCOUNT and PURCHASE_VALIDATION_SERVICE_ACCOUNT in the directory:

    flask_app/src/services/firebase/service_accounts/

    However I get this error, when attempting to do this: spec.template.spec.containers[0].volume_mounts[1].mount_path, Duplicate volume mount paths are forbidden Why is this?

  2. How do I access a mounted secret using python?

    I'm really not sure how to do this as I couldn't find any documentation on how to actually access the secret itself. This is the only thing I found. I am using python just for context. Would the secret be mounted as a .txt and is that mount path the folder that it is stored in or does it also specify the file name?


Solution

  • With Cloud Run and Secret manager you can load a secret in 2 manners:

    Therefore, you can read a secret as you read

    So, your first question about directory is not clear. If you mount 2 secrets in 2 files in the same directory, no problem!

    If it doesn't solve your question, please, clarify.