A simple API to create secrets into a Kubernetes namespace.
The only thing it can do is create a new Kubernetes secret from the key-value passed to the API endpoint. Once created, secrets cannot be listed or modified. The new secret's name is generated, and returned after creation.
conda env create -f environment.yaml
conda activate k8s-secret-creator
pip install -r requirements.txt
pip install -r test-requirements.txtTo run the server, please execute the following from the root directory:
minikube start
while read env; do export $env; done < .env.dev
python -m k8s_secret_creatorThe Swagger UI is accessible at: http://localhost:8080/k8s-secret-creator/1.0.0/ui/
To run the tests, execute:
minikube start
pytestTo run the service in Kubernetes or develop the Helm charts, run Tilt:
minikube start
tilt upThe swagger UI is accessible at: http://localhost:8080/k8s-secret-creator/1.0.0/ui/
We use Helm for the deployment.
Create a new file, ksc-values.yaml, containing at least the following lines:
auth:
api_token: '<a secure API token>'Additional configuration such as ingress can be added to this values file. Refer to ./helm/k8s-secret-creator/values.yaml
To deploy, run:
helm -n ksc-ns upgrade --install --create-namespace k8s-secret-creator oci://ghcr.io/qcdis/charts/k8s-secret-creator -f ksc-values.yaml