Kubernetes Secret Generator
Generate Kubernetes Secrets safely using stringData to keep your YAML readable before deploying. Supports Opaque, TLS, and Docker Registry secrets.
Kubernetes Secret Generator
Overview
Generate Kubernetes Secret manifests using `stringData`. This allows you to write secrets in plain text within your generator or repository, while Kubernetes automatically handles the base64 encoding when the object is applied to the API server.
Frequently Asked Questions
Why use stringData instead of data?
If you use the `data` field in Kubernetes Secrets, you must manually base64-encode every value before pasting it into the YAML. If you use `stringData`, you can type the raw string directly, and Kubernetes will automatically encode it for you upon creation.
Are Kubernetes Secrets encrypted?
By default, Kubernetes Secrets are only base64-encoded, NOT encrypted, when stored in etcd. You must configure etcd Encryption at Rest on your cluster to properly secure them, or use an external KMS.