Skip to content

SUSE/scf-secret-generator

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

164 Commits
make
make
 
 
model
model
 
 
password
password
 
 
secrets
secrets
 
 
ssh
ssh
 
 
ssl
ssl
 
 
util
util
 
 
vendor
vendor
 
 
.gitignore
.gitignore
 
 
Gopkg.lock
Gopkg.lock
 
 
Gopkg.toml
Gopkg.toml
 
 
LICENSE.md
LICENSE.md
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
main.go
main.go
 
 

Repository files navigation

SCF Secret Generator

A utility for SUSE Cloud Foundry for generating secrets based on the role manifest.

It works in conjunction with the fissile project.

These secrets are described in the variables section, and will be generated if they have secret: true properties and non-empty type properties.

It can generate:

  • passwords
  • SSL certificates
  • SSH keys

It will not overwrite existing secrets, so is safe to run between upgrades.

Usage

scf-secret-generator is meant to run inside a pre-flight Kubernetes job. This job should have the KUBERNETES_NAMESPACE environment variable set, and will create or update the secret called secret inside that namespace.

After that job has finished, you should be able to see that the secrets have been populated:

kubectl -n $(KUBERNETES_NAMESPACE) get secret secret -o yaml

Note that Kubernetes returns these values as base64 encoded, so they must be base64 decoded before using.

Building

A modern Go version is required. The version used in SCF is described in the package spec.

go build will create the binary.

About

SCF Secret Generation Job

Resources

Readme

License

View license
Activity
Custom properties

Stars

2 stars

Watchers

18 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors 5

Languages