search

mongodb / mongodb-atlas-kubernetes

MongoDB Atlas Kubernetes Operator - Manage your MongoDB Atlas clusters from Kubernetes
http://www.mongodb.com/cloud/atlas
Apache License 2.0
146 stars 75 forks source link

Secret cannot be mapped into app #237

Closed alex-tw-lam closed 2 years ago

alex-tw-lam commented 3 years ago

Variables with dot are mapped to app via the envFromSecret

Secret created by operator

> kubectl describe secret lamtowa-atlas-operator-atlas-cluster-u3e8127c4
Name:         lamtowa-atlas-operator-atlas-cluster-u3e8127c4
Namespace:    default
Labels:       atlas.mongodb.com/cluster-name=atlas-cluster
              atlas.mongodb.com/project-id=60a5e57c0fd89f4621cd69d4
Annotations:  <none>

Type:  Opaque

Data
====
connectionString.standard:     265 bytes
connectionString.standardSrv:  92 bytes
password:                      36 bytes
username:                      9 bytes

Binding from app

> kubectl get pod flask-with-mongodb-588d9547cc-8cxws -o yaml  | grep -i -A3 envfrom 
    envFrom:
    - secretRef:
        name: lamtowa-atlas-operator-atlas-cluster1-u3e8127c4

Actual variable available from app, both connectionString.standard and connectionString.standardSrv are missing

heroku@flask-with-mongodb-588d9547cc-4r7ml:/$ export 
declare -x CNB_APP_DIR="/workspace"
declare -x CNB_DEPRECATION_MODE="quiet"
declare -x CNB_LAYERS_DIR="/layers"
declare -x CNB_PLATFORM_API="0.4"
declare -x DATABASE_URL=""
declare -x FLASK_WITH_MONGODB_AUTO_DEPLOY_PORT="tcp://10.98.180.43:80"
declare -x FLASK_WITH_MONGODB_AUTO_DEPLOY_PORT_80_TCP="tcp://10.98.180.43:80"
declare -x FLASK_WITH_MONGODB_AUTO_DEPLOY_PORT_80_TCP_ADDR="10.98.180.43"
declare -x FLASK_WITH_MONGODB_AUTO_DEPLOY_PORT_80_TCP_PORT="80"
declare -x FLASK_WITH_MONGODB_AUTO_DEPLOY_PORT_80_TCP_PROTO="tcp"
declare -x FLASK_WITH_MONGODB_AUTO_DEPLOY_SERVICE_HOST="10.98.180.43"
declare -x FLASK_WITH_MONGODB_AUTO_DEPLOY_SERVICE_PORT="80"
declare -x FLASK_WITH_MONGODB_AUTO_DEPLOY_SERVICE_PORT_WEB="80"
declare -x GITLAB_ENVIRONMENT_NAME=""
declare -x GITLAB_ENVIRONMENT_URL=""
declare -x HOME="/app"
declare -x HOSTNAME="flask-with-mongodb-588d9547cc-4r7ml"
declare -x KUBERNETES_PORT="tcp://10.96.0.1:443"
declare -x KUBERNETES_PORT_443_TCP="tcp://10.96.0.1:443"
declare -x KUBERNETES_PORT_443_TCP_ADDR="10.96.0.1"
declare -x KUBERNETES_PORT_443_TCP_PORT="443"
declare -x KUBERNETES_PORT_443_TCP_PROTO="tcp"
declare -x KUBERNETES_SERVICE_HOST="10.96.0.1"
declare -x KUBERNETES_SERVICE_PORT="443"
declare -x KUBERNETES_SERVICE_PORT_HTTPS="443"
declare -x OLDPWD
declare -x PATH="/cnb/process:/cnb/lifecycle:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
declare -x PWD="/"
declare -x SHLVL="1"
declare -x TERM="xterm"
declare -x password="********-********-********-********-********"
declare -x username="u3e8127c4"
antonlisovenko commented 3 years ago

Thanks @alex-tw-lam for pointing this out.

You are right, the dots create the problems with environment variable names if all the Secret properties are mapped to environment variables. It's still possible to reference the properties individually:

env:
  - name: "CONNECTION_STRING"
     valueFrom:
        secretKeyRef:
           name: test-atlas-operator-project-test-cluster-theuser
           key: connectionString.standardSrv

I've created an internal ticket to track this

jamesbroadhead commented 2 years ago

Docs updated -> resolved