Hi, can I create kubernetes secrets using a Azure pipeline getting data from Azure Key Vault Secrets?
You can also connect azure key vault to kubernetes as secret store
Can you tell me how please? or any link to read
On doing it from a pipeline or connecting key vault to aks?
On doing it from a pipeline pls
Make secrets available in pipeline: https://docs.microsoft.com/en-us/azure/devops/pipelines/release/azure-key-vault?view=azure-devops
Run kubectl commands from pipeline to create secrets: https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/deploy/kubernetes?view=azure-devops#secrets
When the secrets are available in the pipeline, how can I operate with those and where they will be stored?
Did you read the first link? Step 9 shows how to use the key vault variables in the pipeline
Yes I was reading but I am still bit confused though, I am quite new. my 2 doubts are: 1. are the KV secrets stored in the agent machine or where? I am asking because I would like to delete those on disk once completed. 2. how can I create a kubernetes secret? I guess using az-cli? thanks
The secrets are stored in the agent process for that pipeline. They are not stored on disk. They will be cleared when the pipeline ends. The second link tells you how to create the kubernetes secrets using kubectl. You cannot do this with az cli.
I need now to create a secret using the secret got from KV and label it. I can’t find how to do it from the link you gave, is that the right one or I am missing something?
Label it? what do you mean
Kubectl create secret … and kubectl label secret …
I need to do these 2 operations in the pipeline
Not sure if those are possible
Your command would be label, your arguments would be secret …
After creating the secret of course
Ok thanks but I am still stuck with getting created the secret. I used as command create, is that correct?