Kubernetes

By default kubernetes tls secret must consist two fields a tls.key and tls.crt. It works perfectly fine in most of the cases, but not when we need mutual tls which is handled by ingress-nginx. This kind of ingress requires a secret with a “ca.crt” field to validate client certs. Obviously it tricks a kubectl which can’t append more than standard.

I believe that I am not only one who needed to get a secret value out of kubernetes. Usual advice focus on use of kubectl with json output and/or jsonpath. Problem is - the kubectl jsonpath is limited thus result needs to be scanned further by jq. It works, but jq is not part of everyone’s working environment.