Base64 secret handling

Hi All,

I’m trying to use the vault agent sidecar to inject secrets into a vendor application using the environment variable pattern where we save the secrets as export statements and then source them before calling the entrypoint.

One area that I’m having trouble with is figuring out when and how to base64 decode. With simpler templates I was able to just use the base64Decode function when using .Data.xyz. In this case I’m using printf to add the export command, but this entire string becomes base64 encoded on the filesystem. But if I try “base64Decode printf…” I get an error that base64Decode is being called on non-base64 encoded data.

How do I output this in plain text?