Kubernetes Secret
Overviewβ
Loads the configuration from a Kubernetes Secret. This retriever is useful when you are using Kubernetes and want to use Secrets to store your configuration files.The Kubernetes Secret Retriever will access flags in a Kubernetes Secret via the Kubernetes Go Client.
Add a flag configuration file as Secretβ
If you have a flag configuration file, you can create a Secret with the content of the file.
The following command will create a Secret with the content of the examples/retriever_k8s_secret/flags.goff.yaml file:
kubectl create secret generic goff --from-file=examples/retriever_k8s_secret/flags.goff.yaml
Configure the relay proxyβ
To configure your relay proxy to use the Kubernetes Secret retriever, you need to add the following configuration to your relay proxy configuration file:
note
Relay proxy is only supporting the secrets while running inside the kubernetes cluster.
goff-proxy.yaml
# ...
retrievers:
- kind: secret
namespace: default
secret: goff
key: flags.goff.yaml
# ...
| Field name | Mandatory | Type | Default | Description |
|---|---|---|---|---|
kind | string | none | Value should be secret.This field is mandatory and describes which retriever you are using. | |
namespace | string | none | This is the name of the namespace where your secret is located (ex: default). | |
secret | string | none | Name of the secret we should read (ex: feature-flag). | |
key | string | none | Name of the key in the secret which contains the flag. |
Configure the GO Moduleβ
To configure your GO module to use the Kubernetes Secret retriever, you need to add the following
configuration to your ffclient.Config{} object:
example.go
import (
restclient "k8s.io/client-go/rest"
)
// ...
config, _ := restclient.InClusterConfig()
err = ffclient.Init(ffclient.Config{
PollingInterval: 3 * time.Second,
Retriever: &k8sretriever.SecretRetriever{
Path: "flags.goff.yaml",
Namespace: "default"
SecretName: "secret"
SecretKey: "flags.yml"
ClientConfig: &config
},
})
defer ffclient.Close()
| Field | Mandatory | Description |
|---|---|---|
Namespace | The namespace of the Secret. | |
SecretName | The name of the Secret. | |
SecretKey | The key within the Secret storing the flags. | |
ClientConfig | The configuration object for the Kubernetes client |