k8s从nodejs应用程序读取secert [英] k8s read secert from nodejs application

问题描述

我有一个nodejs应用程序，需要在RT中读取机密

I've a nodejs application which needs to read secret in RT

这是秘密

apiVersion: v1
kind: Secret
metadata:
  name: secert1
  namespace: trail
type: Opaque
data:
  TOKEN1: cmVhbGx5X3NlY3JldF92YWx1ZTE=

我已经使用一个卷来安装机密，因为我需要阅读许多字段，并且我不想使用var选项.

I have used a volume to mount the secret as I've many fields that I need to read and I don't want to use the var option.

我已按如下所示将卷添加到部署中:

I've added volume to the deployment as following:

          volumeMounts:
            - name: secret-volume
              mountPath: /etc/secret-volume
      volumes:
        - name: secret-volume
          secret:
            secretName: secert1

我的问题是我应该如何从nodejs应用程序访问机密?

My question is how should I access the secret from the nodejs app?

我尝试了以下操作，没有得到任何数据，有任何想法吗?

I've tried with the following and didnt get any data, any idea?

const fs = require('fs');
fs.readFile('/etc/secret-volume', function read(err, data) {
    if (err) {
        throw err;
    }
    const content = data;


});

推荐答案

秘密中的每个data项目都将成为基于秘密的卷的mountPath中的文件.

Each data item in a secret will become a file in the mountPath of the secret based volume.

要读取大量令牌，可以使用 readdir 拖曳目录 readFile

To read lots of tokens you can trawl the directory with readdir and readFile

const fsp = require('fs').promises
const path = require('path')

async function readTokens(token_path) {
  const tokens = {}
  const files = await fsp.readdir(token_path)
  for (const file of files) {
    const buf = await fsp.readFile(path.join(token_path, file), 'utf8')
    tokens[file] = buf.toString()
  }
  return tokens
}

readTokens('/etc/secret-volume').then(console.log).catch(console.err)

这篇关于k8s从nodejs应用程序读取secert的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！