Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

k8s/python: How do I read a secret using the Kubernetes Python client?

I want to do the opposite of this question:

How to create secrets using Kubernetes Python client?

i.e.:

How do I read an existing secret from a kubernetes cluster via the kubernetes-python API?

The use case is: I want to authenticate to mongodb (running in my cluster) from a jupyter notebook (also running in my cluster) without, for obvious reasons, saving the mongodb auth password inside the jupyter notebook.

Thanks!

like image 757
jtlz2 Avatar asked Mar 14 '19 10:03

jtlz2


1 Answers

  1. Install Kubernetes client for python
  2. Now you can pull the secret. For example secret name - mysql-pass, namespace - default
from kubernetes import client, config
config.load_kube_config()
v1 = client.CoreV1Api()
secret = v1.read_namespaced_secret("mysql-pass", "default")
print(secret)
  1. If you need to extract decoded password from the secret
from kubernetes import client, config
import base64
import sys    
config.load_kube_config()
v1 = client.CoreV1Api()
sec = str(v1.read_namespaced_secret("mysql-pass", "default").data)
pas = base64.b64decode(sec.strip().split()[1].translate(None, '}\''))
print(pas)

Hope this will help.

like image 73
A_Suh Avatar answered Oct 06 '22 02:10

A_Suh