Can't create Secret in Kubernetes: illegal base64 data at input
I got the decoded values "mega_secret_key" and "really_secret_value1" from from your encoded data. Seems they are not encoded in right way. So, encode your data in right way:
$ echo "mega_secret_key" | base64bWVnYV9zZWNyZXRfa2V5Cg==$ echo "really_secret_value1" | base64cmVhbGx5X3NlY3JldF92YWx1ZTEK
Then check whether they are encoded properly:
$ echo "bWVnYV9zZWNyZXRfa2V5Cg==" | base64 -dmega_secret_key$ echo "cmVhbGx5X3NlY3JldF92YWx1ZTEK" | base64 -dreally_secret_value1
So they are ok. Now use them in your dummy-secret.yaml
:
apiVersion: v1kind: Secretmetadata: name: dummy-secrettype: Opaquedata: API_KEY: bWVnYV9zZWNyZXRfa2V5Cg== API_SECRET: cmVhbGx5X3NlY3JldF92YWx1ZTEK
And run $ kubectl create -f dummy-secret.yaml
.
UPDATE:
If you use -n
flag while running $ echo "some_text"
, it will trim the trailing \n
(newline) from the string you are printing.
$ echo "some_text"some_text$ echo -n "some_text"some_text⏎
Just try it,
# first encode$ echo -n "mega_secret_key" | base64bWVnYV9zZWNyZXRfa2V5$ echo -n "really_secret_value1" | base64cmVhbGx5X3NlY3JldF92YWx1ZTE=# then decode and check whether newline is stripped$ echo "bWVnYV9zZWNyZXRfa2V5" | base64 -dmega_secret_key⏎$ echo "cmVhbGx5X3NlY3JldF92YWx1ZTE=" | base64 -dreally_secret_value1⏎
You can use these newly (without newline) decoded data in your secret instead. That also should fine.
$ cat - <<-EOF | kubectl apply -f -apiVersion: v1kind: Secretmetadata: name: dummy-secrettype: Opaquedata: API_KEY: bWVnYV9zZWNyZXRfa2V5 API_SECRET: cmVhbGx5X3NlY3JldF92YWx1ZTE=EOFsecret/dummy-secret created
At the time of update, my kubernetes version is,
Minor:"17", GitVersion:"v1.17.3",GitCommit:"06ad960bfd03b39c8310aaf92d1e7c1 2ce618213",GitTreeState:"clean", BuildDate:"2020-02-11T18:14:22Z",GoVersion:"go1.13.6", Compiler:"gc", Platform:"l inux/amd64"} ServerVersion: version.Info{Major:"1", Minor:"17", GitVersion:"v1.17.3",GitCommit:"06ad960bfd03b39c8310aaf92d1e7c1 2ce618213",GitTreeState:"clean", BuildDate:"2020-02-11T18:07:13Z",GoVersion:"go1.13.6", Compiler:"gc", Platform:"l inux/amd64"} ```
This was already answered but for future reference, there is no need to encode the strings by using stringData
instead of data
field as shown below:
#secrets.yamlapiVersion: v1kind: Secretmetadata: name: mysecrettype: OpaquestringData: API_KEY: "STRING_IN_CLEAR_TEXT" API_SECRET: "STRING_IN_CLEAR_TEXT"
After a while I want to return back to this question and leave an answer with a reference to official kubernetes docs:
echo -n 'admin' | base64YWRtaW4=echo -n '1f2d1e2e67df' | base64MWYyZDFlMmU2N2Rm
Pay extra attention to -n
, because it guaranties that after decoding your secret key will not contain 'new line symbol'.