Sealed secret deployment with Helm, but the pods fail to start


I'm trying to deploy a sealed secret to a Kubernetes cluster using Helm. Once the Helm chart is deployed, I can find the secret under sealedsecret/api.

However, the pods fail to start with the error: secret "api" not found. How can I tell the pod to use the sealedsecret/api?

If I run kubectl get secret I do not see the secret; however, if I run kubectl get sealedsecret I see the secret api is running under sealedsecret/api.

Inside my deployment I have:

env:
{{- range $key, $val := .Values.encryptedData }}
- name: {{ $key }}
  valueFrom:
    secretKeyRef:
      name: {{ include "api.fullname" $ }}
      key: {{ $key }}
{{- end }}

SealedSecret

apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
  name: {{ include "api.fullname" . }}
  namespace: api
  
spec:
  template:
    metadata: 
      name: {{ include "api.fullname" . }}
  encryptedData:
    {{- range $key, $val := .Values.encryptedData }}
    {{ $key }}: {{ $val }}
    {{- end }}

Any help would be appreciated.

There is 1 best solution below


There isn't enough information to answer but I have too much to write for a comment, so I hope this helps.

To debug a sealed secret issue, you should look at the sealed secret logs to find the problem: kubectl logs -n <sealed secret namespace> deployment/<sealed secret deployment>

However, I would guess you are missing annotations:

apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
  annotations:
    sealedsecrets.bitnami.com/cluster-wide: "true"

The other annotation is sealedsecrets.bitnami.com/cluster-wide: "true". If you don't specify these, you need the exact namespace and name when creating the secret.
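
An added example, not part of the original answer and not the Sealed Secrets project's code: a Go model of why the name and namespace used at sealing time must match the deployed SealedSecret unless a wider scope is chosen. It assumes the scope is bound to the ciphertext as an RSA-OAEP label and, as a simplification, encrypts a short value directly; the key, the helper functions and the names `prod-api` and `other` are constructed for illustration.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

const ( // the three sealing scopes
	Strict = iota
	NamespaceWide
	ClusterWide
)

// label is what the ciphertext is bound to: nothing, the namespace, or namespace/name.
func label(scope int, ns, name string) []byte {
	switch scope {
	case ClusterWide:
		return nil
	case NamespaceWide:
		return []byte(ns)
	}
	return []byte(ns + "/" + name)
}

// newKey makes a throwaway key pair standing in for the controller's sealing key.
func newKey() *rsa.PrivateKey {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return key
}

// canUnseal seals a constructed value for sealNS/sealName, then unseals it as ns/name.
func canUnseal(key *rsa.PrivateKey, scope int, sealNS, sealName, ns, name string) bool {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &key.PublicKey, []byte("constructed-value"), label(scope, sealNS, sealName))
	if err == nil {
		_, err = rsa.DecryptOAEP(sha256.New(), rand.Reader, key, ct, label(scope, ns, name))
	}
	return err == nil
}

func main() {
	key := newKey()
	fmt.Println("strict, same namespace/name:", canUnseal(key, Strict, "api", "api", "api", "api"))
	fmt.Println("strict, renamed to prod-api:", canUnseal(key, Strict, "api", "api", "api", "prod-api"))
	fmt.Println("cluster-wide, moved+renamed:", canUnseal(key, ClusterWide, "api", "api", "other", "prod-api"))
}
```

When unsealing fails in this way, no Secret object is created, which is consistent with a pod reporting that the secret is not found while the SealedSecret resource exists.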