Injecting Secrets into Kubernetes Applications

yaml file is used to patch the secret to the application it is necessary to fill in the mandatory fields defined in kron pam in the yaml file these fields are secret name, secret path and token values the patch file must be filled with the secret information it wants to access for each application multiple secrets can be set in the same file under annotations apply the patch using kubectl cmd proving the name of deployment and patch file \# kubectl patch deployment my test deployment patch "$(cat secrets patch yaml)" deployment apps/my test deployment patched \# kubectl get pods name ready status restarts age kron aapm agent 5c57584465 crws8 1/1 running 0 30m my test deployment d7ff55c4b 68gxx 1/1 running 0 15s (pod name changed) after patching, the sidecar was injected aapm client container should appear in the application's pod \# kubectl get pods my test deployment d7ff55c4b 68gxx o jsonpath='{ spec containers\[ ] name}' nginx aapm client the nginx container and aapm client container now use keystore shared volume they can read the secret information with the shared environment file kept under the keystore \# kubectl exec it my test deployment d7ff55c4b 68gxx c nginx cat /keystore/user1 env serviceuser ={"secret" {"password" "fme8i5bq","username" "sapmuser1"}} \# kubectl exec it my test deployment d7ff55c4b 68gxx c aapm client cat /keystore/user1 env serviceuser ={"secret" {"password" " fme8i5bq ","username" " serviceuser "}}