-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathsecret.py
52 lines (48 loc) · 2.09 KB
/
secret.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
from constructs import Construct, Node
from imports import k8s
class Secrete(Construct):
def __init__(self, scope: Construct, id: str):
super().__init__(scope, id)
app_name = 'myscecret'
label = {'app': app_name}
k8s.KubeDeployment(
self, "SecreteDeployment",
metadata=k8s.ObjectMeta(name=app_name),
spec=k8s.DeploymentSpec(
replicas=1,
selector=k8s.LabelSelector(match_labels=label),
template=k8s.PodTemplateSpec(
metadata=k8s.ObjectMeta(labels=label, name=app_name),
spec=k8s.PodSpec(
containers=[
k8s.Container(
name=app_name,
image="alpine:latest",
ports=[k8s.ContainerPort(container_port=80)],
command=['sleep', '9999'],
env=[
k8s.EnvVar(
name='SECRET_USERNAME',
value_from=k8s.EnvVarSource(
secret_key_ref=k8s.SecretKeySelector(key='username', name='test-secret')
)
),
k8s.EnvVar(
name='SECRET_PASSWORD',
value_from=k8s.EnvVarSource(
secret_key_ref=k8s.SecretKeySelector(key='password', name='test-secret')
)
)
]
)
]
)
)
)
)
k8s.KubeSecret(
self, 'Secrete',
metadata=k8s.ObjectMeta(name='test-secret'),
type='Opaque',
data={"username": "YWRtaW4=", "password": "YTYyZmpiZDM3OTQyZGNz"}
)