Skip to content

Document secrets from files for Kubernetes deployments #360

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
bluestreak01 merged 1 commit into from
Feb 4, 2026
Merged

Document secrets from files for Kubernetes deployments #360

bluestreak01 merged 1 commit into from
Feb 4, 2026

Conversation

@bluestreak01
Copy link
Member

@bluestreak01 bluestreak01 commented Feb 4, 2026
edited
Loading

Summary

Documents the _FILE suffix convention for reading sensitive configuration values from mounted files, enabling native integration with Kubernetes Secrets.

Related to:

Changes

  • Configuration overview: Add "Secrets from files" section covering:

    • Usage with environment variables and properties
    • Precedence rules (_FILE takes priority over direct values)
    • File requirements (64KB max, UTF-8, path restrictions)
    • Error handling (startup vs runtime behavior)
    • Reloading with reload_config()
    • Supported properties (OSS and Enterprise separated)

  • Kubernetes page: Add "Using Kubernetes secrets" section with:

    • Complete StatefulSet + Secret YAML example
    • Note about production deployments using Helm chart

  • Enterprise quick start: Add tip for Kubernetes password configuration

Test plan

  • Preview configuration overview: /docs/configuration/overview/#secrets-from-files
  • Preview Kubernetes page: /docs/deployment/kubernetes/#using-kubernetes-secrets
  • Preview Enterprise quick start: /docs/getting-started/enterprise-quick-start/#0-secure-the-built-in-admin
  • Verify all internal links work

🤖 Generated with Claude Code

@bluestreak01 @claude
Document secrets from files for Kubernetes deployments
57e0347 
Add documentation for the _FILE suffix convention that allows QuestDB to
read sensitive configuration values from mounted files. This enables native
integration with Kubernetes Secrets, Docker Secrets, and HashiCorp Vault.

Changes:
- Add "Secrets from files" section to configuration overview with usage,
  precedence rules, file requirements, error handling, and supported properties
- Add "Using Kubernetes secrets" section with StatefulSet example
- Add tip to Enterprise quick start for Kubernetes password configuration
- Separate OSS and Enterprise properties in documentation

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@github-actions
Copy link

github-actions bot commented Feb 4, 2026

🚀 Build success!

Latest successful preview: https://preview-360--questdb-documentation.netlify.app/docs/

Commit SHA: 57e0347

📦 Build generates a preview & updates link on each commit.

@bluestreak01 bluestreak01 merged commit e1e6b00 into main Feb 4, 2026
10 checks passed
@bluestreak01 bluestreak01 deleted the vi_k8s branch February 4, 2026 22:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@bluestreak01