Adding secrets to KongCredential resources

bgarcial · March 29, 2019, 8:28am

Hi people.

I have these KongCredentials, resources with their respective KongConsumers and the basic-auth and acl KongPlugins

My question is: Can I apply it kubernetes secrets to KongCredentials resource?
What kind of secrets? generic may be?

apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
  name: swaggerapi-basic-auth
  namespace: default
  labels:
    global: "false"
disabled: false
config:
  hide_credentials: true
plugin: basic-auth
---
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
  name: swaggerapi-acl
  namespace: default
  labels:
    global: "false"
disabled: false
config:
  hide_groups_header: true
  whitelist: ["dev", "azure"]
plugin: acl
---
# User standard
apiVersion: configuration.konghq.com/v1
kind: KongConsumer
metadata:
  name: zcrm365consumer
  namespace: default
username: user
---
apiVersion: configuration.konghq.com/v1
kind: KongCredential
group: dev
metadata:
  name: credential-zcrm365-acl
  namespace: default
consumerRef: zcrm365consumer
type: acl
config:
  group: "dev"
---
apiVersion: configuration.konghq.com/v1
kind: KongCredential
metadata:
  name: credential-zcrm365
  namespace: default
consumerRef: zcrm365consumer
type: basic-auth
config:
  username: user
  password: passwd
---

hbagdi · April 4, 2019, 9:14pm

Hi @bgarcial,

It is not possible to do this currently but is definitely something on the radar.

bgarcial · April 25, 2019, 12:30pm

Does KONG not have its own environment variables? Maybe are there some specific flags similar to these?

spec:
      serviceAccountName: kong-serviceaccount
      initContainers:
      - name: wait-for-migrations
        image: kong:1.1
        command: [ "/bin/sh", "-c", "kong migrations list" ]
        env:
        - name: KONG_ADMIN_LISTEN
          value: 'off'
        - name: KONG_PROXY_LISTEN
          value: 'off'
        - name: KONG_PROXY_ACCESS_LOG
          value: "/dev/stdout"
        - name: KONG_ADMIN_ACCESS_LOG
          value: "/dev/stdout"
        - name: KONG_PROXY_ERROR_LOG
          value: "/dev/stderr"
        - name: KONG_ADMIN_ERROR_LOG
          value: "/dev/stderr"
        - name: KONG_PG_HOST
          value: postgres
        - name: KONG_PG_PASSWORD
          value: kong

mignatko · May 15, 2019, 9:55am

Hi @hbagdi,
Is there any update on this?

hbagdi · May 17, 2019, 5:58pm

The last update stands as is as of now.
Design proposals on how to update the KongCredential CRD to support this are welcome.

Topic		Replies	Views
Kong Ingress Controller : Configure ACL without KongCredentials Questions kubernetes	3	1034	February 26, 2020
Creating an APIkey when declaratively creating a KongCredential	3	839	August 5, 2019
Kong plugin config with Secret Questions kubernetes	4	3050	December 10, 2021
Basic Auth - Add consumer with kubectl (dbless) kong-gateway	3	531	September 28, 2022
KongCredential deprecation Questions kubernetes	1	1708	February 3, 2020

Adding secrets to KongCredential resources

Related topics