Does anyone know what am I doing wrong with my kubernetes secret yaml and why its not able to successfully create one programatically?
I am trying to programmatically create a secret in Kubernetes cluster with credentials to pull an image from a private registry but it is failing with the following:
"Secret "secrettest" is invalid: data[.dockerconfigjson]: Invalid value: "<secret contents redacted>": invalid character 'e' looking for beginning of value"
This is the yaml I tried to use to create the secret with. It is yaml output from a secret previously created in my kubernetes cluster using the command line except without a few unnecessary properties. So I know this is valid yaml:
apiVersion: v1
data:
.dockerconfigjson: eyJhdXRocyI6eyJoZWxsb3dvcmxkLmF6dXJlY3IuaW8iOnsidXNlcm5hbWUiOiJoZWxsbyIsInBhc3N3b3JkIjoid29ybGQiLCJhdXRoIjoiYUdWc2JHODZkMjl5YkdRPSJ9fX0=
kind: Secret
metadata:
name: secrettest
namespace: default
type: kubernetes.io/dockerconfigjson
This is the decoded value of the ".dockerconfigjson" property which seems to be throwing the error but not sure why if the value is supposed to be encoded per documentation:
{"auths":{"helloworld.azurecr.io":{"username":"hello","password":"world","auth":"aGVsbG86d29ybGQ="}}}
According to the documentation, my yaml is valid so Im not sure whats the issue: Customize secret yaml
Note: I tried creating the Secret using the Kubernetes client and "PatchNamespacedSecretWithHttpMessagesAsync" in C#
Referenced documentaion: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
I found my issue. I was trying to create the Secret object using
Yaml.LoadAllFromString()
which was double encoding my .dockerconfigjson value. The weird part was the if the value wasnt encoded, it would fail. So I had to just manually create the Secret object instead of reading from a yaml file.