Giters

banzaicloud / banzai-charts

Curated list of Banzai Cloud Helm charts used by the Pipeline Platform

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Unable to use secret that contains files in K8s

NGL91 opened this issue · comments

commented

Describe the bug

It seems to be unable for working with secret contain files in K8S

Steps to reproduce the issue:

In GCP k8s cluster, create a secret that contains the google cloud service account file
https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets-as-files-from-a-pod
Screen Shot 2020-11-23 at 14 00 14

Install helm chart https://artifacthub.io/packages/helm/banzaicloud-stable/spark-hs with sparkEventLogStorage.secretName point to newly created secret

Expected behavior

New spark-hs service failed to read /opt/spark/conf/secret/google.json

Screen Shot 2020-11-23 at 14 01 35

Additional context

If I change manually in the template deployment from

- name: secret-volume
    mountPath: /opt/spark/conf/secret/google.json
    subPath: google.json

to

- name: secret-volume
 mountPath: /opt/spark/conf/secret/
 readOnly: true

The files from secret are created