K
Q

How to edit secrets in kubernetes nicely?

1/12/2018

I'd like to edit my secrets. The only way I'm aware of is kubectl edit secret mysecret which gets me yaml blob to edit. However, all secrets are base64 encoded which isn't an easy way to edit them.

Can I mount secrets to local volume somehow? Can I extract secrets to my localhost and edit them there? And lastly, can I edit some way to get plaintext keys/values (or just one key) instead of base64 encoded values.

P.S. Can I see secret keys easily with kubectl? With edit I see them, but when I'm only interested in keys, not the values.

-- nmiculinic
kubernetes

Similar Questions

I am trying to use gcs bucket as the volume in gke pod
Optional volume/secret volume in kubernetes?
GitLab CI build fails with error: no space left on device.
Setting up Kubernetes cluster in the same way for local dev and testing and deployment

2 Answers

2/10/2018

We use https://github.com/bq/k8s-secret-editor - it works great! It's a little behind but I've been using with Kubernetes 1.8 without issue.

-- Sam Kenny
Source: StackOverflow
1/12/2018

Unfortunately no, the problem you describe is something you just have to deal with "on the side" by decoding/encoding base64 content on your own.

There are ways to simplify this by using templating for resources (ie. via helm charts), but that involves storing the raw secret in some other way and just applying changes from "source" rather then do an edit.

-- Radek 'Goblin' Pieczonka
Source: StackOverflow