I’m using Kong DB-less deployment with a declarative configuration. Does anyone know the best approach to store secret keys (e.g., API keys or JWT tokens) in a Kubernetes Secret object, and then use Helm to import the secret into the container? After that, how can I inject the secret values into the kong.yml
declarative config from environment variables?
consumers:
- username: apikey-user
keyauth_credentials:
- key: ${api_key_token1}
- username: apikey-user2
keyauth_credentials:
- key: ${api_key_token2}
- username: jwt-user
jwt_secrets:
- algorithm: HS256
secret: ${jwt-secret}
When I tested it, the value for apikey
became "{api_key_token1}"
instead of the actual secret value, and it didn’t work as expected. Any suggestions or examples on how to properly inject the secret values into the declarative config would be really helpful!