Env Vars
call-secret-endpoint.yaml---
apiVersion: mission-control.flanksource.com/v1
kind: Playbook
metadata:
name: call-secret-endpoint
namespace: default
spec:
description: Makes an HTTP request to a secret endpoint behind auth.
env:
- name: auth_token
valueFrom:
secretKeyRef:
name: secret-website
key: JWT
actions:
- name: Query localhost
exec:
script: |
curl -H "Authorization: Bearer {{.env.auth_token}}" http://localhost
Env Vars are variables that can be used to template playbook actions. In the snippet above, you can see an env var auth_token
that's pulled in from a kubernetes secret and then used to template the Exec action.
In a way, env vars are like playbook parameters. The difference being that they do not come from users and are not stored anywhere. It's the right place to inject any secrets into a playbook.