-
Notifications
You must be signed in to change notification settings - Fork 0
K8s Secret
Andy Potanin edited this page Jun 21, 2026
·
1 revision
Creates a Kubernetes Opaque secret for application-level sensitive data.
Use this module when a Rabbit service needs to inject secrets into pods that are not managed by GCP Secret Manager directly.
- Opaque secret creation in a specified namespace.
- Secret data provided via Terraform variable (populated by R2A at runtime).
- A kubeconfig secret created by the
k8s-accessmodule. - The target namespace must exist.
- The secret is always named
app-secretin the target namespace. -
secret_datais populated by R2A at runtime from the Terraform variable, not from the YAML config file. - The
configurationsblock specifies the namespace and service metadata but the actual secret values come from thesecret_datavariable.
services:
- name: "k8s Secret"
module: "k8s-secret"
id: "app-secret"
deployment_order: 70
configurations:
namespace: "www-example-com"
service_name: "www-example-com-production"This module does not produce outputs.
The fields below are public module inputs under configurations.
configurations:
service_name: "www-example-com-production"
namespace: "www-example-com"
service_type: "ClusterIP"
service_port: 30001
service_labels:
app: "www-example-com-production"
component: "www-example-com-production"
service_selector:
app: "www-example-com-production"
component: "www-example-com-production"
port_name: "http"
port: 80
target_port: 8080| Field | Type | Required | Description |
|---|---|---|---|
namespace |
string | Yes | Kubernetes namespace for the secret. |
service_name |
string | Yes | Service name identifier. |
service_type |
string | No | Service type. Defaults to ClusterIP. |
service_port |
number | No | Service port. Defaults to 30001. |
service_labels |
map[string] | No | Labels for the service. |
service_selector |
map[string] | No | Selector labels. |
port_name |
string | No | Port name. Defaults to http. |
port |
number | No | Port number. Defaults to 80. |
target_port |
number | No | Target port. Defaults to 8080. |
- GCP GKE Cluster
- GCP GKE Node Pool
- GCP IAM
- GCP Monitoring
- GCP Networking
- GCP PostgreSQL Instance
- GCP Secret Manager
- GCP SQL Instance
- GCP Static IP
- GCP Storage