41 lines
1.6 KiB
YAML
41 lines
1.6 KiB
YAML
# This YAML file defines a Kubernetes Secret.
|
|
# Secrets are used to store sensitive information, such as passwords, API keys, and tokens.
|
|
# It's crucial to handle Secrets securely to protect your application.
|
|
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: REPLACE_ME-secret # Replace with a descriptive name for your secret
|
|
namespace: default # Consider using a specific namespace for your application
|
|
labels:
|
|
app: REPLACE_ME-app # Replace with your application name
|
|
tier: backend # Optional: Add a tier label if applicable
|
|
annotations:
|
|
# Optional: Add annotations for documentation or automation
|
|
description: "Secret for REPLACE_ME application"
|
|
|
|
type: Opaque # Use Opaque for generic key-value secrets
|
|
|
|
data:
|
|
# Each key-value pair represents a secret.
|
|
# The values should be base64 encoded.
|
|
# Example:
|
|
# my_password: $(echo -n "mysecretpassword" | base64)
|
|
#
|
|
# IMPORTANT: Never store plaintext secrets in your YAML file.
|
|
# Use a secure method to generate and encode the values.
|
|
#
|
|
# Example using environment variables:
|
|
# my_api_key: $(echo -n "$MY_API_KEY" | base64)
|
|
|
|
# Add your secrets here:
|
|
api_key: YOUR_VALUE_HERE # Replace with your base64 encoded API key
|
|
database_password: YOUR_VALUE_HERE # Replace with your base64 encoded database password
|
|
|
|
# Optional: You can use 'stringData' instead of 'data' to provide plaintext values.
|
|
# Kubernetes will automatically encode them to base64.
|
|
# However, it's generally recommended to encode the values beforehand for security.
|
|
#
|
|
# stringData:
|
|
# username: myuser
|
|
# password: mysecretpassword |