Create

Project Secrets allow you to define and share secrets across the allowed clusters where space and virtual cluster instances of the project are deployed. There are two ways to utilize project secrets. The first is to create a project secret and populate it with its own secret data. The second is to sync a project secret with a shared secret. In both cases, to utilize the secret data, you will create a regular Kubernetes Secret with labels referring to the Project Secret. Once created, Loft will handle synchronizing the project secret data to your secret.

Data or Shared Secrets, but not both

It is not possible to define data custom in a project secret and synchronize a shared secret. If you need to define additional secret data that is specific to your project, it is best to create a separate secret, and combine them in your pod specifications.

Create Project Secret

To create a project secret with its own data follow these steps:

1. Navigate to the Projects view using the menu on the left
2. Select the project you'd like to configure using the drop down menu
3. Click on Project Secrets
4. Click on the button
5. Add a display name, such as "My Secret" and optional description for the project secret. The UI will automatically fill in the `.metadata.name` with `my-secret`. If you wish to change this name you may edit the YAML directly
6. In the Secret Data input, add your secret key/value pairs
7. Click on the button to save your changes

Once the project secret has been created, head over to the Secret Sync page to learn how to use the project secret data from a Pod.