Enclose secrets in single quotes

[kbatuigas]

Description

This PR modifies code examples that use a secret with rpk cluster config set to update cluster properties. Single quotes are added around the secret to ensure that the shell doesn't try to interpret the secret as a variable, and the secret value gets passed into the cluster config correctly.

Resolves https://redpandadata.atlassian.net/browse/
Review deadline:

Page previews

Checks

• New feature
• Content gap
• Support Follow-up
• Small fix (typos, links, copyedits, etc)

[coderabbitai]

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

📝 Walkthrough

Walkthrough

The PR updates documentation examples in four AsciiDoc files to wrap secret placeholders in single quotes. Changes occur in AWS Glue, Databricks Unity, Snowflake catalog pages, and a shared Iceberg catalogs partial. Lines like iceberg_rest_catalog_secret_key=${secrets.<...>} are revised to iceberg_rest_catalog_secret_key='${secrets.<...>}' in sample configurations and rpk cluster config set commands. No code or API changes are introduced; only doc snippets are modified.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Assessment against linked issues

Objective	Addressed	Explanation
Ensure secrets code examples use single quotes DOC-1638	✅

Possibly related PRs

• Update Glue doc with Cloud-specific guidance #1275 — Also updates AWS Glue Iceberg docs and related secret/config examples.
• Query Iceberg topics with Databricks Unity #1154 — Touches the Iceberg Databricks Unity doc and rpk config examples around secrets.
• Single source Iceberg+Snowflake integration doc for Cloud #1131 — Modifies Iceberg + Snowflake docs, including rpk client secret configuration examples.

Suggested reviewers

• simon0191
• mattschumpert
• wdberkeley
• micheleRP

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch DOC-1638-single-source

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[netlify]

✅ Deploy Preview for redpanda-docs-preview ready!

Name	Link
🔨 Latest commit	f010b83
🔍 Latest deploy log	https://app.netlify.com/projects/redpanda-docs-preview/deploys/68ad38dd637e0c00081333fe
😎 Deploy Preview	https://deploy-preview-1340--redpanda-docs-preview.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

modules/manage/pages/iceberg/iceberg-topics-aws-glue.adoc (1)

152-161: Fix multiline command: missing trailing backslashes will break the rpk invocation.

Lines for base_location, region, and access_key are missing trailing backslashes, causing the shell to start new commands mid-block. The new single-quoted secret is correct; just ensure the full block remains one command.

Apply this diff to restore proper line continuations:

 rpk cluster config set \
   iceberg_enabled=true \
   iceberg_catalog_type=rest \
   iceberg_rest_catalog_endpoint=https://glue.<glue-region>.amazonaws.com/iceberg \
   iceberg_rest_catalog_authentication_mode=aws_sigv4 \
-  iceberg_rest_catalog_base_location=s3://<bucket-name>/<warehouse-path>
-  iceberg_rest_catalog_aws_region=<glue-region>
-  iceberg_rest_catalog_aws_access_key=<glue-access-key>
+  iceberg_rest_catalog_base_location=s3://<bucket-name>/<warehouse-path> \
+  iceberg_rest_catalog_aws_region=<glue-region> \
+  iceberg_rest_catalog_aws_access_key=<glue-access-key> \
   iceberg_rest_catalog_aws_secret_key='${secrets.<glue-secret-key-name>}'

🧹 Nitpick comments (2)

modules/manage/pages/iceberg/iceberg-topics-databricks-unity.adoc (1)

142-145: Secret is correctly single-quoted for Bash/zsh; consider a brief cross-OS note.

On Windows cmd.exe, single quotes are literal characters; users there can omit quotes or use double quotes ("${secrets.<...>}"). Optional to add a short tip beneath the block to reduce copy/paste friction for Windows users.

modules/manage/partials/iceberg/use-iceberg-catalogs.adoc (1)

192-193: Good change; add a one-line rationale for readers.

Consider adding a short sentence above the command: “Single quotes ensure the shell passes the literal ${secrets.} to rpk without expansion or word splitting.”

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 1126e17 and 38fc5bb.

📒 Files selected for processing (4)

• modules/manage/pages/iceberg/iceberg-topics-aws-glue.adoc (1 hunks)
• modules/manage/pages/iceberg/iceberg-topics-databricks-unity.adoc (1 hunks)
• modules/manage/pages/iceberg/redpanda-topics-iceberg-snowflake-catalog.adoc (1 hunks)
• modules/manage/partials/iceberg/use-iceberg-catalogs.adoc (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: Redirect rules - redpanda-docs-preview
• GitHub Check: Header rules - redpanda-docs-preview
• GitHub Check: Pages changed - redpanda-docs-preview

🔇 Additional comments (1)

modules/manage/pages/iceberg/redpanda-topics-iceberg-snowflake-catalog.adoc (1)

79-81: Quoting the secret prevents unwanted shell expansion — good call.

Using single quotes around ${secrets.<...>} guarantees the literal is passed to rpk, which then resolves the secret on the server side. The surrounding multi-line command is syntactically correct (final argument without a trailing backslash).

[micheleRP]

lgtm