-
kubernetes-external-secrets
Discontinued Integrate external secret management systems with Kubernetes
-
SurveyJS
Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
What is the best practice for injecting the secrets from Google Secret Manager into a Kubernetes deployment. I have stored the login credentials for my grafana & kibana instances into Google Secret Manager. Both of these instances were deployed using a helm chart on Google Kubernetes Engine. I know that one can use an init container in k8s to inject the secrets via environment variable and I read a bit about kubernetes external secrets, but I'm a little confused as to how to reference secrets stored in Google Secret Manager within the helm chart config itself. Has anyone successfully done this before? Would welcome any insight on best practice.
I'm using mutating webhooks and berglas for this. See more details at https://github.com/GoogleCloudPlatform/berglas/tree/main/examples/kubernetes
Thanks u/Sparkyadm. This was helpful! I ended up using Berglas as well. I don't know how to inject the secret into the Grafana helm chart though. I tried adding it in the envs section, but it literally took in the secret manager path as the password rather the value being stored.
Related posts
-
Query frontend for loki-stack
-
Whats the deal with the Kubernetes Application sig? This just a Google thing? Does anyone use it?
-
Multi-Cluster Prometheus: Scaling Metrics Across Kubernetes Clusters
-
How to deploy and manage a RabbitMQ cluster on Amazon EKS using Terraform and Helm
-
Hands On: Pull metrics into Kubernetes from anywhere and treat them generically with the Keptn Metrics Server