couldn't find key MYSQL_KEY in Secret default/mysql-secret

I have the following file that creates a mysql-secret for mysql deployment pod.

apiVersion: v1
kind: Secret
metadata:
  name: mysql-secret
type: Opaque
data:
  mysql-password: MTExMTEx
  mysql-root-password: MTExMTEx
  mysql-user: YQ==

The problem is that, previously I could deploy mysql on Kubernetes cluster using the secret key created by this command:

kubectl create secret generic mysql-secret --from-literal MYSQL_KEY=11111

And using MYSQL_KEY I could pass it to other deployment files like auth as you can see below:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: auth-depl
spec:
  replicas: 1
  selector:
    matchLabels:
      app: auth
  template:
    metadata:
      labels:
        app: auth
    spec:
      containers:
        - name: auth
          image: auth
          env:
            - name: MYSQL_URI
              value: 'mysql://auth-mysql-srv:3306/users_auth'
            - name: MYSQL_ROOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mysql-secret
                  key: MYSQL_KEY

But now I don't have a key using a yaml file to create the secret key and I get the following error because of that:

 - deployment/auth-mysql-depl is ready. [3/5 deployment(s) still pending]
 - deployment/mysql: container mysql in error: &ContainerStateWaiting{Reason:CreateContainerConfigError,Message:couldn't find key MYSQL_KEY in Secret default/mysql-secret,}
    - pod/mysql-78bbf5f6f4-vbpkz: container mysql in error: &ContainerStateWaiting{Reason:CreateContainerConfigError,Message:couldn't find key MYSQL_KEY in Secret default/mysql-secret,}

How can I add a key: MY_SQL property to the secret.yaml file or find a way to eliminate it from the other deployment files like auth that uses it?

If I just eliminate key: MYSQL_KEY from auth deployment file I get this error:

 - The Deployment "auth-depl" is invalid: spec.template.spec.containers[0].env[1].valueFrom.secretKeyRef.key: Required value

EDIT: I tried to create the secret before I run skaffold dev using kubectl apply -f mysql-secret.yaml command and it worked. My question is, how can I say to skafoold please run kubectl apply -f on mysql-secret.yaml file before the other yaml files?

apiVersion: skaffold/v4beta1
kind: Config
build:
  artifacts:
  - image: auth
    context: auth-service
    sync:
      manual:
      - src: src/**/*.ts
        dest: .
    docker:
      dockerfile: Dockerfile
  - image: client
    context: client-service
    sync:
      manual:
      - src: lib/**/*.dart
        dest: .
    docker:
      dockerfile: Dockerfile
  local:
    push: false
manifests:
  rawYaml:
  - ./infra/k8s/*
deploy:
  kubectl: {}
  kubeContext: kind-kind

Common causes of this error :

1)ConfigMap is missing—a ConfigMap stores configuration data as key-value pairs.

Resolution : Identify the missing ConfigMap and create it in the namespace, or mount another, existing ConfigMap.

2)Secret is missing—a Secret is used to store sensitive information such as credentials.

Resolution : Identify the missing Secret and create it in the namespace, or mount another, existing Secret.

Try below possible solutions :

Solution 1:

The reason is due to when we create secret it regards the whole text as one single string as config.yaml It does not take username or password as key To workaround it, we need to get decoded string via base64

echo 'test' | base64  --->  dGVzdAo=

Then correct yaml file is :

apiVersion: v1kind: Secretmetadata:  name:  test-stg-secret
type: Opaque
data:
    username: dGVzdAo=
    password:  dGVzdAo=

Please go through Henry Xie 's blog & similar SO for more information.

Solution 2 : You need to understand whether a ConfigMap or Secret is missing. Run kubectl describe pod <podname> -n <namespace>, you might see the cause of failing.

Run one of these commands to see if the requested ConfigMap or Secret exists in the cluster:

<pre”>kubectl get configmap kubectl get secret

If the command returns null, the ConfigMap or Secret is indeed missing. Follow these instructions to create the missing object mounted by the failed container: create a ConfigMap or create a secret.

If the pod has not started then you can not exec into pod, In this case run kubectl get pods -o wide and check in which node the pod is scheduled.

Go to that node and run docker ps -a and get the container id desired container and then check docker logs -f <container id>. Note : (you can ssh into the node.)

Please go through Fixing CreateContainerConfig Error for more information

Solution 3: Before the container goes into the Running state it goes through the deployment configuration and validates all the necessary configurations which are needed for the successful deployment of the docker container. During the validation phase it tries to find the secretKeyRef with the name, key but it could not find those secrets available inside the kubernetes cluster leading to CreateContainerConfigError.

1)Replicate the error CreateContainerConfigError

2)How to Check the container logs for finding the missing Kubernetes Secret

3)Create and apply the correct kubernetes secret

4)Re-run the kubernetes deployment after fixing the kubernetes secret

5)Debugging of the CreateContainerConfigError by looking into the POD logs using the kubectl describe Pod command.

Please go through Solving Error CreateContainerConfig for more information.