This is a cache of https://docs.openshift.com/serverless/1.28/functions/configuring/serverless-functions-secrets-configmaps-manually.html. It is a snapshot of the page at 2024-11-20T17:09:15.361+0000.
Adding function access to secrets and config maps manually - Configuring functions | Functions | Red Hat OpenShift Serverless 1.28
×

Adding function access to secrets and config maps manually

You can manually add configuration for accessing secrets and config maps to your function. This might be preferable to using the kn func config interactive utility and commands, for example when you have an existing configuration snippet.

Mounting a secret as a volume

You can mount a secret as a volume. Once a secret is mounted, you can access it from the function as a regular file. This enables you to store on the cluster data needed by the function, for example, a list of URIs that need to be accessed by the function.

Prerequisites
  • The OpenShift Serverless Operator and Knative Serving are installed on the cluster.

  • You have installed the Knative (kn) CLI.

  • You have created a function.

Procedure
  1. Open the func.yaml file for your function.

  2. For each secret you want to mount as a volume, add the following YAML to the volumes section:

    name: test
    namespace: ""
    runtime: go
    ...
    volumes:
    - secret: mysecret
      path: /workspace/secret
    • Substitute mysecret with the name of the target secret.

    • Substitute /workspace/secret with the path where you want to mount the secret.

      For example, to mount the addresses secret, use the following YAML:

      name: test
      namespace: ""
      runtime: go
      ...
      volumes:
      - configmap: addresses
        path: /workspace/secret-addresses
  3. Save the configuration.

Mounting a config map as a volume

You can mount a config map as a volume. Once a config map is mounted, you can access it from the function as a regular file. This enables you to store on the cluster data needed by the function, for example, a list of URIs that need to be accessed by the function.

Prerequisites
  • The OpenShift Serverless Operator and Knative Serving are installed on the cluster.

  • You have installed the Knative (kn) CLI.

  • You have created a function.

Procedure
  1. Open the func.yaml file for your function.

  2. For each config map you want to mount as a volume, add the following YAML to the volumes section:

    name: test
    namespace: ""
    runtime: go
    ...
    volumes:
    - configmap: myconfigmap
      path: /workspace/configmap
    • Substitute myconfigmap with the name of the target config map.

    • Substitute /workspace/configmap with the path where you want to mount the config map.

      For example, to mount the addresses config map, use the following YAML:

      name: test
      namespace: ""
      runtime: go
      ...
      volumes:
      - configmap: addresses
        path: /workspace/configmap-addresses
  3. Save the configuration.

Setting environment variable from a key value defined in a secret

You can set an environment variable from a key value defined as a secret. A value previously stored in a secret can then be accessed as an environment variable by the function at runtime. This can be useful for getting access to a value stored in a secret, such as the ID of a user.

Prerequisites
  • The OpenShift Serverless Operator and Knative Serving are installed on the cluster.

  • You have installed the Knative (kn) CLI.

  • You have created a function.

Procedure
  1. Open the func.yaml file for your function.

  2. For each value from a secret key-value pair that you want to assign to an environment variable, add the following YAML to the envs section:

    name: test
    namespace: ""
    runtime: go
    ...
    envs:
    - name: EXAMPLE
      value: '{{ secret:mysecret:key }}'
    • Substitute EXAMPLE with the name of the environment variable.

    • Substitute mysecret with the name of the target secret.

    • Substitute key with the key mapped to the target value.

      For example, to access the user ID that is stored in userdetailssecret, use the following YAML:

      name: test
      namespace: ""
      runtime: go
      ...
      envs:
      - value: '{{ configmap:userdetailssecret:userid }}'
  3. Save the configuration.

Setting environment variable from a key value defined in a config map

You can set an environment variable from a key value defined as a config map. A value previously stored in a config map can then be accessed as an environment variable by the function at runtime. This can be useful for getting access to a value stored in a config map, such as the ID of a user.

Prerequisites
  • The OpenShift Serverless Operator and Knative Serving are installed on the cluster.

  • You have installed the Knative (kn) CLI.

  • You have created a function.

Procedure
  1. Open the func.yaml file for your function.

  2. For each value from a config map key-value pair that you want to assign to an environment variable, add the following YAML to the envs section:

    name: test
    namespace: ""
    runtime: go
    ...
    envs:
    - name: EXAMPLE
      value: '{{ configmap:myconfigmap:key }}'
    • Substitute EXAMPLE with the name of the environment variable.

    • Substitute myconfigmap with the name of the target config map.

    • Substitute key with the key mapped to the target value.

      For example, to access the user ID that is stored in userdetailsmap, use the following YAML:

      name: test
      namespace: ""
      runtime: go
      ...
      envs:
      - value: '{{ configmap:userdetailsmap:userid }}'
  3. Save the configuration.

Setting environment variables from all values defined in a secret

You can set an environment variable from all values defined in a secret. Values previously stored in a secret can then be accessed as environment variables by the function at runtime. This can be useful for simultaneously getting access to a collection of values stored in a secret, for example, a set of data pertaining to a user.

Prerequisites
  • The OpenShift Serverless Operator and Knative Serving are installed on the cluster.

  • You have installed the Knative (kn) CLI.

  • You have created a function.

Procedure
  1. Open the func.yaml file for your function.

  2. For every secret for which you want to import all key-value pairs as environment variables, add the following YAML to the envs section:

    name: test
    namespace: ""
    runtime: go
    ...
    envs:
    - value: '{{ secret:mysecret }}' (1)
    1 Substitute mysecret with the name of the target secret.

    For example, to access all user data that is stored in userdetailssecret, use the following YAML:

    name: test
    namespace: ""
    runtime: go
    ...
    envs:
    - value: '{{ configmap:userdetailssecret }}'
  3. Save the configuration.

Setting environment variables from all values defined in a config map

You can set an environment variable from all values defined in a config map. Values previously stored in a config map can then be accessed as environment variables by the function at runtime. This can be useful for simultaneously getting access to a collection of values stored in a config map, for example, a set of data pertaining to a user.

Prerequisites
  • The OpenShift Serverless Operator and Knative Serving are installed on the cluster.

  • You have installed the Knative (kn) CLI.

  • You have created a function.

Procedure
  1. Open the func.yaml file for your function.

  2. For every config map for which you want to import all key-value pairs as environment variables, add the following YAML to the envs section:

    name: test
    namespace: ""
    runtime: go
    ...
    envs:
    - value: '{{ configmap:myconfigmap }}' (1)
    1 Substitute myconfigmap with the name of the target config map.

    For example, to access all user data that is stored in userdetailsmap, use the following YAML:

    name: test
    namespace: ""
    runtime: go
    ...
    envs:
    - value: '{{ configmap:userdetailsmap }}'
  3. Save the file.