Tags: kubernetes, kubernetes-secrets, kubernetes-security

Kubernetes Secret is not stored in encoded format in environment variables


I am a beginner to Kubernetes. I have created a secret file and referred to it in the deployment YAML file.

app-secret.yaml

apiVersion: v1
kind: Secret
metadata:
  name: app-secret
data:
  username: YWRtaW4=
  password: YWRtaW4=

deploy.yaml

env:
  - name: DEPLOY_ENV
    value: ${env}
  - name: NAMESPACE_NAME
    valueFrom:
      fieldRef:
        fieldPath: metadata.namespace
  - name: APP_USERNAME
    valueFrom:
      secretKeyRef:
        name: app-secret
        key: username
  - name: APP_PASSWORD
    valueFrom:
      secretKeyRef:
        name: app-secret
        key: password

While using the command kubectl get secret pod-54rfxd -n dev-ns -o json, it prints the username and password in encoded format only. When I query for the environment variables list using the command kubectl exec pod-54rfxd -n dev-ns -- printenv, it gives the result below.

APP_USERNAME=admin
APP_PASSWORD=admin

Why was it not in encoded format in the environment variables? Could you please let me know the reason, and is it possible to have it in encoded format?


Solution

  • You could use the stringData format:

    apiVersion: v1
    kind: Secret
    metadata:
      name: app-secret
    stringData:
      username: "YWRtaW4="
      password: "YWRtaW4="
    

    From K8s doc: warning about stringData secret type

    K8s doc
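
Added example, not part of the original question or answer: a small Python model of how a Secret's `data` and `stringData` fields end up as the environment variable values a container sees through `secretKeyRef`. The function names and the sample manifests (written as dicts mirroring the YAML above) are constructed for illustration; this is not Kubernetes code.

```python
import base64
import binascii


def store_secret(manifest):
    """Model the API server's write path and return the stored `data` map.

    `data` values must already be base64. `stringData` values are plain
    text that the server encodes and merges over `data` (same key wins).
    """
    stored = {}
    for key, value in manifest.get("data", {}).items():
        try:
            base64.b64decode(value, validate=True)
        except binascii.Error as exc:
            raise ValueError(f"data[{key!r}] is not valid base64") from exc
        stored[key] = value
    for key, value in manifest.get("stringData", {}).items():
        stored[key] = base64.b64encode(value.encode()).decode()
    return stored


def container_env(stored, env_refs):
    """Model secretKeyRef injection: the container receives decoded bytes."""
    return {name: base64.b64decode(stored[key]).decode()
            for name, key in env_refs.items()}


# Constructed inputs mirroring the manifests on this page.
ENV_REFS = {"APP_USERNAME": "username", "APP_PASSWORD": "password"}
QUESTION_SECRET = {"data": {"username": "YWRtaW4=", "password": "YWRtaW4="}}
ANSWER_SECRET = {"stringData": {"username": "YWRtaW4=", "password": "YWRtaW4="}}

if __name__ == "__main__":
    for label, manifest in (("data", QUESTION_SECRET),
                            ("stringData", ANSWER_SECRET)):
        stored = store_secret(manifest)
        # base64 is an encoding, not encryption: anyone who can read the
        # stored value or the pod's environment can recover the text.
        print(label, "stored:", stored)
        print(label, "env:   ", container_env(stored, ENV_REFS))
```

With the `stringData` manifest the container sees the literal string `YWRtaW4=`, so the application has to base64-decode it itself to get the original value.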