WTH can’t I concatenate secrets and strings?

Sometimes you need to use a secret inside another string like a path or an url.
It’s currently not possible to combine a string and a secret. You instead have to store the complete string as a Secret.
This leads to duplicated actual secrets in the secret.yaml and to less readable and less maintainable configurations as some parts are not trackable via version control (excluding secrets.yaml)


  • You might have your SSL certifcicates auto generate by a script in a subfolder like .../xxx.duckdns.org/fullchain.pem and don’t want the xxx to be exposed by your configuration.yaml
    I would like to use something like .../!secret duckdns_user .duckdns.org/fullchain.pem

  • or you have a rest call URL like https:/example.org/api/run?api_password=password123.
    Now the complete URL has to be stored in the secrets rather then using something like https:/example.org/api/run?api_password=!secret api_password_url

There have already been many post about people wondering how this could be done, e.g. Rest_command - including secret value in url?, Using secrets in a path (would have liked more but new users limited to 2 links/post, I guess that’s what you get for always using reddit instead :smiley: )

I’m aware that there probably needs to be a new syntax for this like
pre{{!secret secret_name}}suffix

Has a better solution been found to this problem than placing the whole string as a secret?

I’m also looking for a solution, actually for using a secret in a command_line integrations’ command_on or command_off value.