K
Q

How to update secret with "kubectl patch --type='json'"

4/18/2019

I created a secret like this:

kubectl create secret generic test --from-literal=username=testuser --from-literal=password=12345

I want to update the username to testuser2 but I want to do it only with kubectl patch --type='json'.

This is how I tried to do it:

kubectl patch secret test --type='json' -p='[{"data":{"username": "testuser 2"}}]' -v=1

But I received:

The "" is invalid

Remember, I want to do it with the option of --type='json', no other workarounds.

-- E235
kubectl
kubernetes
kubernetes-secrets

Similar Questions

Kubernetes node different region in single cluster
Kubernetes Python client connection Issue
Should i create a API for readinessprobe to work kubernetes
Keycloak can't connect to Postgres: "SSL connection is required"

1 Answer

4/18/2019

I found how to do it after I read here that referred me to this great article.
This is the JSON secret:

{
    "apiVersion": "v1",
    "data": {
        "password": "aWx1dnRlc3Rz",
        "username": "dGVzdHVzZXI="
    },
    "kind": "Secret",
    "metadata": {
        "creationTimestamp": "2019-04-18T11:37:09Z",
        "name": "test",
        "namespace": "default",
        "resourceVersion": "3017",
        "selfLink": "/api/v1/namespaces/default/secrets/test",
        "uid": "4d0a763e-61ce-11e9-92b6-0242ac110015"
    },
    "type": "Opaque"
}

Therefore, to update the user's field I needed to create the JSON Patch format:

[
    {
        "op" : "replace" ,
        "path" : "/data/username" ,
        "value" : "dGVzdHVzZXIy" # testuser2 in base64
    }
]

Notice that the value should be in base64.

The result is:

kubectl patch secret test --type='json' -p='[{"op" : "replace" ,"path" : "/data/username" ,"value" : "dGVzdHVzZXIy"}]'
-- E235
Source: StackOverflow