Create a secret for imagePullSecrets on K8S

Need Help
1

I need to create a secret on Kubernetes to store the dockerconfigjson
Here is what I tried to do

apiVersion: secrets.doppler.com/v1alpha1
kind: DopplerSecret
metadata:
  name: prod-dockerhub
  namespace: doppler-operator-system
spec:
  tokenSecret:
    name: doppler-docker-secret
  managedSecret:
    name: regcred
    namespace: my-namespace
    type: kubernetes.io/dockerconfigjson

The problem is that I need to create a secret the the key = .dockerconfigjson
and doppler won’t let me create a secret starting with a dot and with lowercase

This is the error I get when I apply the manifest

kubectl describe DopplerSecret -A

Secret update failed: Failed to create Kubernetes secret: Secret "regcred" is invalid: data[.dockerconfigjson]: Required value

Screenshot from 2023-09-17 15-16-57
Screenshot from 2023-09-17 15-16-571494×190 13.1 KB

2

Hi @dmcgeobroker!

Welcome to the Doppler Community!

If I’m following you right, you have a secret in Doppler that you want to be mapped into k8s with a different name (e.g., DOCKERCONFIGJSON to .dockerconfigjson). Is that right?

If so, then you should actually be able to do that using a newer feature we added to the operator:

The TL;DR is that you’d setup a processor like this:

apiVersion: secrets.doppler.com/v1alpha1
kind: DopplerSecret
metadata:
  name: prod-dockerhub
  namespace: doppler-operator-system
spec:
  tokenSecret:
    name: doppler-docker-secret
  managedSecret:
    name: regcred
    namespace: my-namespace
    type: kubernetes.io/dockerconfigjson
  processors:
    DOCKERCONFIGJSON:
      type: plain
      asName: .dockerconfigjson

This would result in a secret named regcred with one entry named .dockerconfigjson with the contents you expect. Give it a shot and let me know if that’ll accomplish what you’re after!

Regards,
-Joel

1 Like
3

I had the same problem and your solution works great!