Skip to content

K8s Secret

udx-github edited this page Jul 3, 2026 · 3 revisions

Creates a Kubernetes Opaque secret for application-level sensitive data.

Use this module when a Rabbit service needs to inject secrets into pods that are not managed by GCP Secret Manager directly.

Supported Features

  • Opaque secret creation in a specified namespace.
  • Secret data provided via Terraform variable (populated by R2A at runtime).

Prerequisites

  • A kubeconfig secret created by the k8s-access module.
  • The target namespace must exist.

Important Notes

  • The secret is always named app-secret in the target namespace.
  • secret_data is populated by R2A at runtime from the Terraform variable, not from the YAML config file.
  • The configurations block only specifies the target namespace. The actual secret values come from the secret_data Terraform variable populated by R2A at runtime.

Minimal Example

services:
  - name: "k8s Secret"
    module: "k8s-secret"
    id: "app-secret"
    deployment_order: 70
    configurations:
      namespace: "www-example-com"

Outputs

This module does not produce outputs.

Full Configuration Schema

The fields below are public module inputs under configurations.

configurations:
  namespace: "www-example-com"
Field Type Required Description
namespace string Yes Kubernetes namespace for the secret.

Clone this wiki locally