Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Transferring data from configmap to secret kubernetes #123

Open
dmyar21 opened this issue Jan 16, 2024 · 4 comments
Open

Transferring data from configmap to secret kubernetes #123

dmyar21 opened this issue Jan 16, 2024 · 4 comments

Comments

@dmyar21
Copy link

dmyar21 commented Jan 16, 2024

Good afternoon
Is it possible to transfer sensitive data from configmap to secret kubernetes?
For example: Database connection data

@ebyhr ebyhr transferred this issue from trinodb/trino Jan 17, 2024
@philicious
Copy link

@dmyar21 could you give an example of which config you mean and how you are currently setting it?
then I'd be able to answer if and how it might be possible

@dmyar21
Copy link
Author

dmyar21 commented Jan 25, 2024

Hi @philicious
I want to move the configmap trino-catalog to secret kybernetes as it contains information about connecting to the database
I did this by creating a separate secret.yaml and changing volume and volume mount s in deployment.yaml.
That's how I got the result I wanted.

@luismacosta
Copy link

luismacosta commented Jan 28, 2024

Hi @philicious

Suggestion to implement this: #111

@sdaberdaku
Copy link
Member

Hello @dmyar21 and @luismacosta

Maybe this could be useful:
You can set secrets in environment variables in Trino and then reference them in the catalog configuration (or any configuration) like so:

  example-postgres-db.properties: |-
    connector.name=postgresql
    connection-url=jdbc:postgresql://${ENV:DB_HOST}:${ENV:DB_PORT}/${ENV:DB_DATABASE}
    connection-user=${ENV:DB_USERNAME}
    connection-password=${ENV:DB_PASSWORD}
    user-credential-name=user
    password-credential-name=password

You can mount the environment variables (DB_HOST, DB_PORT, DB_DATABASE, DB_USERNAME, DB_PASSWORD) from secrets, and your catalog configuration can stay on a configmap since it does not contain any secret values.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

No branches or pull requests

4 participants