I want to get the last time a secret was modified via the kube api. I cannot seem to find a way to access this information. I had a look at events but I cannot find any for Secrets.
An example would be I create a secret called my-secret, I then update this the next day but I want to know what time it was updated and not the creation time.
Any help would be great thanks.
The following command will give you the secret chronological history:
kubectl get secret <name> --namespace <namespace> --show-managed-fields -o jsonpath='{range .metadata.managedFields[*]}{.manager}{" did "}{.operation}{" at "}{.time}{"\n"}{end}'
Example, create a secret:
kubectl create secret generic test --from-literal user=$(echo 'somebody' | base64)
Run the above command:
kubectl-create did Update at 2021-12-06T01:12:17Z
Retrieve the created secret
kubectl get secret test -o yaml > test.yaml. Replace the value for "user" in the yaml with echo 'nobody' | base64 output and re-apply kubectl apply -f test.yaml.
Run the above command and it reports the last update action and timestamp:
kubectl-create did Update at 2021-12-06T01:12:17Z
kubectl-client-side-apply did Update at 2021-12-06T01:13:33Z
Now do a replace kubectl patch secret test --type='json' -p='[{"op" : "replace" ,"path" : "/data/user" ,"value" : "aGVsbG93b3JsZAo="}]'
Run the above command again:
kubectl-create did Update at 2021-12-06T01:12:17Z
kubectl-client-side-apply did Update at 2021-12-06T01:13:33Z
kubectl-patch did Update at 2021-12-06T01:21:57Z
The command correctly reports all the changes made to the secret.