Secret

Default version: v1

$secret = $cluster->secret()
    ->setName('certificates')
    ->setData([
        'key.pem' => '...',
        'ca.pem' => '...',
    ])->create();

If you already encoded the fields, you can pass false to the second parameter:

$secret->setData([
    'crt.pem' => base64_encode('...'),
], false)

Data retrieval by default returns base64-encoded data:

$secret = $cluster->getSecretByName('certificates');

$data = $secret->getData();

$key = $data['key.pem']; // this string is base64 encoded

Passing true to the getData() method will decode the data for you:

$data = $secret->getData(true);

$key = $data['key.pem'] // '...'

Since Kubernetes v1.21.0, Secrets support immutability. If you do not specify the immutable() method, it will default to false:

$secret = $cluster->secret()
    ...
    ->immutable()
    ->create();

$secret->isImmutable(); // true

Last updated 3 years ago

Was this helpful?