Kubernetes Missing secret file with error Error: secret "env" not found

Question

When I deploy the new release of the Kubernetes app I got that error

Error: secret "env" not found

even I have env in Custom Resource Definitions --> sealedsecrets.bitnami.com

env.yaml

apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
  creationTimestamp: null
  name: env
  namespace: api
spec:
  encryptedData:
    AUTH_COGNITO: AgCIxZX0Zv6gcK2p ----
template:
    metadata:
      creationTimestamp: null
      name: env
      namespace: api
    type: Opaque

deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ .Release.Name }}
  labels:
    app: {{ .Release.Name }}
spec:
  revisionHistoryLimit: 2
  replicas: {{ .Values.replicas }}
  selector:
    matchLabels:
      app: {{ .Release.Name }}
  template:
    metadata:
      labels:
        app: {{ .Release.Name }}
    spec:
      containers:
        - name: {{ .Release.Name }}
          image: "{{ .Values.imageRepository }}:{{ .Values.tag }}"
          env:
            {{- include "api.env" . | nindent 12 }}
          resources:
            limits:
              memory: {{ .Values.memoryLimit }}
              cpu: {{ .Values.cpuLimit }}
            requests:
              memory: {{ .Values.memoryRequest }}
              cpu: {{ .Values.cpuRequest }}
          {{- if .Values.healthCheck }}
          livenessProbe:
            httpGet:
              path: /healthcheck
              port: 4000
            initialDelaySeconds: 3
            periodSeconds: 3
            timeoutSeconds: 3
          {{- end }}
      imagePullSecrets:
        - name: {{ .Values.imagePullSecret }}      
      {{- if .Values.tolerations }}
      tolerations:
{{ toYaml .Values.tolerations | indent 8 }}
      {{- end }}
      {{- if .Values.nodeSelector }}
      nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
      {{- end }}

UPDATE to my question my secrets I don't have secret called env

plus that error in regcred inside Sealedsecrets.bitnami.com

Failed to unseal: no key could decrypt secret (.dockerconfigjson)

Answer 1

You ran kubeseal against the wrong Kubernetes cluster or you tried to edit the name or namespace after encrypting without enabling those in the encryption mode. More likely the first.

Answer 2

even @coderanger answer it I would like to add more details

I made a mistake I was running the kubeSeal command with the wrong namespace( api instead of api2) then change it in the converted file

KubeSeal < input.yaml > env.yaml -o yaml

input.yaml

apiVersion: v1
kind: Secret
metadata:
  name: env
  namespace: api
type: Opaque
stringData:
  DB_USER: "userName"
  DB_PASSWORD: "password"