Parametrize a rust container in a kubernetes cluster

I have a container that runs a rust created binary that needs to be parametrized (eg with a database password).

The easy and straightforward way would be to add the value as an environment variable and then reference it accordingly from rust. The issue is that as I understand it this is not the recommended approach security wise from Kubernetes.

This leaves us mounting Kubernetes secrets as a volume in the pod.

I played a bit with dotenv but it seems it is not supported the Kubernetes mounted secret format by default.

The issue is that I'm unable to find a good library or example that describes this pattern, without adding ugly intermediate steps.

Is there anybody that has done it, and has any best practices to provide?

Maybe Config — Rust config library // with config-secret — Rust config library // would help?

Just use serde + File::open ?

Thank you, this is more or less what I was looking for, will play with it a bit

Thank you for the suggestion, this would be the last resort indeed. I will try the config library for now and see where it leads

This topic was automatically closed 90 days after the last reply. We invite you to open a new topic if you have further questions or comments.