How can I update a secret on Kubernetes when it is generated from a file?
This should work:
kubectl create secret generic production-tls \
--save-config \
--dry-run=client \
--from-file=./tls.key --from-file=./tls.crt \
-o yaml | \
kubectl apply -f -
You can delete and immediately recreate the secret:
kubectl delete secret production-tls \
--ignore-not-found
kubectl create secret generic production-tls \
--from-file=./tls.key \
--from-file=./tls.crt
I put these commands in a script. The --ignore-not-found
prevents getting a warning on the first run.