livenessProbe with secret not working in kubernetes

httpHeaders only supports value and name field does not handle valueFrom

$ kubectl explain pod.spec.containers.livenessProbe.httpGet.httpHeaders

KIND:     Pod
VERSION:  v1

RESOURCE: httpHeaders <[]Object>

DESCRIPTION:
     Custom headers to set in the request. HTTP allows repeated headers.

     HTTPHeader describes a custom header to be used in HTTP probes

FIELDS:
   name <string> -required-
     The header field name

   value        <string> -required-
     The header field value

You could try using env variable like.

spec:
  containers:
  - name: mycontainer
    image: myimage
    env:
      - name: MY_SECRET
        valueFrom:
          secretKeyRef:
            name: actuator-token
            key: token
    livenessProbe:
        httpGet:
          path: test/actuator/health
          port: 9001
          httpHeaders:
          - name: Authorization
            value: $SECRET

Not sure that @DT answer gonna work, there no documentation for that feature.

Also I made some tests and the example below not working for me:

spec:
  containers:
  - name: mycontainer
    image: myimage
    env:
      - name: TOKEN
        value: '12345'
    livenessProbe:
      httpGet:
        path: /v1/health
        port: 80
        httpHeaders:
        - name: Authorization
          value: Apikey $TOKEN

I'm getting 401 for my application because it can't substitute env variable for header value. I even tried many other options with single/double quotes, with brackets, none of them working.

Otherwise, you can use exec instead of httpGet, but it requires to have curl installed in your docker image.

spec:
  containers:
  - name: mycontainer
    image: myimage
    env:
      - name: TOKEN
        value: '12345'
    livenessProbe:
      exec:
        command:
        - bash
        - -c
        - 'curl --fail http://localhost/v1/health --header "Authorization: Apikey $TOKEN"'
    initialDelaySeconds: 30
    periodSeconds: 15

If you want to use valueFrom from your secret you don't need to decode variable inside a container. I will be already decoded.

In case you can't add curl package to your image, better to consider writing custom script based on language your application developed. Here is example for js: https://blog.sixeyed.com/docker-healthchecks-why-not-to-use-curl-or-iwr/

Also, check this question, there a similar answer How to use basic authentication in a HTTP liveness probe in Kubernetes?