Kubectl create multiline secret

Question

I'm trying to put a Service Account into a secret - I did it previously a year ago and it works but now - no matter how I approach it, the application doesn't see it right and says there is Input byte array has incorrect ending byte - When creating normal secret I know you've gotta do it with a new line so

echo -n "secret" | base64

and put that value in secret and apply, but my multiline file

cat secret.json
{
  "type": "service_account",
  "project_id": "smth-smth",
  "private_key_id": "blabla"
...
}

No matter how I approach - whether put it by hand like in the first example, or do it with

cat secret.json | base64

# or 

base64 < secret.json

the secret is created but application throws

Constructor threw exception; nested exception is java.lang.IllegalArgumentException: Input byte array has incorrect ending byte at 3104

When I compare the new secret to the last one of the service account the difference is how the output looks like

The working one is smth like this - when I try to decrypt the base64

echo -n "<long string of base64 encrypred sa> | base64 -D
    { "type": "service_account", "project_id": "blabla"... }

so it's in one line, and the new SA I try to decrypt is outputed in the format as in the file - so each part of json in new line - I tried manually putting it all in one line but without success

Anyone know ? how to put a multiline file in a secret (base64) properly?

Answer 1

The easiest way to create a secret from a file is to use kubectl create secret generic.

Put your file secret.json in a folder config and then run:

kubectl create secret generic my-secret --from-file=config

You will get a secret my-secret with one key secret.json containing your file (which you can then mount to a pod volume).