After I create secret and mount it volume to pod, or set secret as env inside pod,
I kubectl exec to that container, and checked secret(=password) inside container,
it’s plain text, not base64 encoded password. (though it’s base64 encoded in secret.yaml)
Is this working as designed ?
its totally depends on u. maybe CKS it describe more specific. take a look at the following page. personally i like volume mount unless its define to mount as env.
Yes. This is working as designed. It only stores it as base64 within etc