Document URL: https://docs.openshift.com/container-platform/3.4/dev_guide/secrets.html Section Number and Name: Developer Guide / Secrets Describe the issue: There are 2 issues I found with this doc as when trying to follow it as a new user to container platform. 1. While the doc covers the mechanic for creating the secret in the section "Creating Secrets" it gives you the actual command to create the secret "oc create -f secret.json", but when you get to the next part of how to use reference the secret in your pod it just gives you the raw yaml, and no information on how to import that yaml. I had to ask on IRC to figure this part out. 2. "Example 2. YAML of a Pod Populating Environment Variables with Secret Data" This example does not work as is. If you create a secret and try to use this yaml in your pod you will get an error: "cat: can't open '/etc/secret-volume/*': No such file or directory". I had to ask on IRC and we figured out that this example has to first define the volumn /etc/secret-volume in order to work, like in example 1. Suggestions for improvement: 1. Include the mechanism for importing the example yaml that uses the secret, in the same way this was included for creating the secret. Either how to do it with "oc" command or through the web UI. 2. Fix Example 2 so that it works without needing to be modified.
Paul, Can you please help me fill in the information gaps, or point me in the right direction? Thanks!
Not Paul (actually the help from IRC), but can probably point you in the right direction... 1) creating the objects is pretty simple oc create -f <my_yaml_file>.yaml It may be worth expanding the "secrets in variables" and "secrets in volumes" sections to include creating the pod, getting the logs, then deleting the pod oc create -f <my_yaml_file>.yaml oc logs secret-example-pod oc delete secret-example-pod 2) Example 2: What needs to change is that the command shouldn't reference the volume (because the volume isn't mounted in example 2). It should instead display the variable being set in some manner, for example: """ command: [ "/bin/sh", "-c", "export" ] """
oops should be "oc delete pod secret-example-pod" (when deleting the object you have to tell it what type of object you're deleting, fetching logs assumes pods.)
Thanks for the guidance, Mark! I opened this PR: https://github.com/openshift/openshift-docs/pull/3696. Please take a look.
Ashley, I've made a comment on the PR, but please note that as I'm not a part of the Engineering or Documentation groups I wouldn't feel comfortable providing a full review
Commits pushed to master at https://github.com/openshift/openshift-docs https://github.com/openshift/openshift-docs/commit/886979bbe2b78e8021cf0c56708f5ff0307d76bb Bug 1420410, corrected an example YAML file and added missing steps https://github.com/openshift/openshift-docs/commit/95607de979a31dc58c4bd0cd75d42d3914b8a281 Merge pull request #3696 from ahardin-rh/secrets-improvements Bug 1420410, corrected an example YAML file and added missing steps
Content is now published: https://access.redhat.com/documentation/en-us/openshift_container_platform/3.4/html/developer_guide/dev-guide-secrets#secrets-in-volumes-and-env-vars