On my helm chart I have a job with the pre-install
hook where I need to use a property from my secrets. However when I try to install my helm chart I get the following error on my pre-install
job:
Error: secret "SecretsFileName" not found
Secrets aren't created before the pods execution? What's the problem here? How can I solve this?
Notes:
- I want to use secrets to have the properties encrypted. I don't want to use the decrypted value directly on my pod;
- I already read Helm install in certain order but I still not understanding the reason of this error;
- I already tried to use
"helm.sh/hook": pre-install,post-delete
and"helm.sh/hook-weight": "1"
on secrets, and"helm.sh/hook-weight": "2"
on my pod but the problem remains.
My pre-install job:
apiVersion: batch/v1
kind: Job
metadata:
name: "MyPodName"
annotations:
"helm.sh/hook": pre-install
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
#some more code
spec:
template:
#some more code
spec:
dnsPolicy: {{ .Values.specPolicy.dnsPolicy }}
restartPolicy: {{ .Values.specPolicy.restartPolicy }}
volumes:
- name: {{ .Values.volume.name }}
persistentVolumeClaim:
claimName: {{ .Values.volume.claimName }}
securityContext:
{{- toYaml .Values.securityContext | nindent 8 }}
containers:
- name: "MyContainerName"
#some more code
env:
- name: SECRET_TO_USE
valueFrom:
secretKeyRef:
name: SecretsFileName
key: PROP_FROM_SCRETS
#some more code
My secrets file:
apiVersion: v1
kind: Secret
metadata:
name: "SecretsFileName"
labels:
app: "MyAppName"
#some more code
type: Opaque
data:
PROP_FROM_SCRETS: eHB0bw==