search

Azure / open-service-broker-azure

The Open Service Broker API Server for Azure Services
https://osba.sh
MIT License
248 stars 100 forks source link

env var valueFrom.secretKeyRef not expanded in other env var or args #677

Open cforce opened 5 years ago

cforce commented 5 years ago

Is there and hint how to use the created secrets of the binding towards applications running in pods.? All for me known ways seems not work on AKS- please give advice. https://github.com/Azure/AKS/issues/836

zhongyi-zhang commented 5 years ago

The AKS quick-start guidance has an example for installing WordPress by Helm chart: https://github.com/Azure/open-service-broker-azure/blob/master/docs/quickstart-aks.md Here are more Helm chart examples: https://github.com/Azure/helm-charts.

Is it what you look for?

cforce commented 5 years ago

Not exatcly. I still cant find a way how i pass the generated secret key value into an java enviroment variable or arg param . I can't use the same value as used in the param "URI" of the secret value, but need to prefix "jdbc:" before i pass it in. I would be able to change the URI=jdbdc:$URI value already when creating the binding or add a new param to the binding like URL=jdbdc:$URI that work also, Currently i amusing svcat bind ups-instance --name ups-binding to create the binding.

zhongyi-zhang commented 5 years ago 
- name: DATABASE_URI
          valueFrom:
            secretKeyRef:
              name: my-app-mysql-secret
              key: uri
- name: DATABASE_JDBC
          value: "jdbc:$(DATABASE_URI)"

Does something like this work? I found https://stackoverflow.com/questions/40889743/string-operation-on-env-variables-on-kubernetes, it seems string operator is doable.

cforce commented 5 years ago

No it actually does not, as i reported on Azure/AKS#836

zhongyi-zhang commented 5 years ago

Oh, sorry for missing the thread. Then, AFAIK we don't have a good solution for this right now :(. Hi @carolynvs, do you have any idea about the issue?

fredgate commented 4 years ago

I have the same problem. The generated secret containing credentials for provisioned Mysql database does not contain a key with the JDBC url. There is just keys host, port, username, password, database, url but not jdbcUrl as it is the case for MSSQL databases. So I can not connect to the database from a container with a Java Spring application.

kinihun commented 4 years ago

This is Nov 2020 and this basic Kubernetes functionality still does not work in AKS