If I run this:

kubectl create secret generic kubeconfig --from-file=/etc/rancher/k3s/k3s.yaml

Is there a manifest (or literally any file at all) created somewhere I can reference? I'm trying to ansibilize it and I just want to run it once, with a

creates

directive. So if there was a manifest, that'd be super easy. I need to do this for some argo shenanigans if you're curious why I would yo dawg my kubeconfig.

If you want a file then add

--dry-run=client --output=yaml

and pipe the output into a file

Why would you stick your admin kubeconfig into a Kubernetes secret, instead of just using a service account? If you need access to Kubernetes from within the cluster, that is literally what service accounts are for. Sticking your admin kubeconfig in there so you can use it in pods is definitely an anti-pattern.

I wanted a file as a reaction to running that command or some other way to manage that secret without recreating it every time. However, Brandon's clarity on using a service account is enough for me to push back on this. It didn't make sense (because I know 0 about argo), but now that I know it can be accomplished with an SA instead, I'm going to push for it. Thanks a ton for the help folks.