Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Modify secret without worrying about base64 encode/decode #1017

Open
tcaenen opened this issue Jan 21, 2021 · 10 comments
Open

Modify secret without worrying about base64 encode/decode #1017

tcaenen opened this issue Jan 21, 2021 · 10 comments
Labels
question Further information is requested

Comments

@tcaenen
Copy link

tcaenen commented Jan 21, 2021

There's already a kubectl plugin that works quite well to do that : https://github.com/rajatjindal/kubectl-modify-secret
It would be an awesome feature to add to k9s.
Maybe using a new shortcut like ctrl-x ?
@derailed derailed added the question Further information is requested label Jan 23, 2021
@derailed
Copy link
Owner

@tcaenen Unless I am mistaken, you don't a plugin for this as you can just use stringData since it's just an encoding. Might as well let k8s take care of base64ing your secrets.

@fernferret
Copy link

Why not use the excellent k9s plugin system!

I configured this by adding the following to my ~/.k9s/plugin.yml:

plugin:
  edit-secret:
    shortCut: Ctrl-X
    confirm: false
    description: "Edit Decoded Secret"
    scopes:
      - secrets
    command: kubectl
    background: false
    args:
      - modify-secret
      - --namespace
      - $NAMESPACE
      - --context
      - $CONTEXT
      - $NAME

Now I can edit secrets using this plugin with <Ctrl-X>

I had a brief look at the code for editing secrets and as suspected; @derailed is just calling kubectl edit ... so I don't like the idea of making users install a plugin to edit secrets, since it doesn't use the kubernetes api for a lot of these calls; it just calls kubectl.

@jontro
Copy link

jontro commented Dec 1, 2021
edited

For others trying out @fernferret's solution: You need to install krew and the kubectl-modify-secret plugin found here

@darluc
Copy link

darluc commented Oct 11, 2022

It works! Thanks @fernferret & @jontro

@msolimans
Copy link

msolimans commented Nov 27, 2022
edited

  1. Install krew from here https://krew.sigs.k8s.io/docs/user-guide/setup/install/ (skip this step in case you have already it)

  2. Install modify-secret plugin
    kubectl krew install modify-secret

  3. Run the following command or add it to ~/.zshrc or ~/.bashrc
    export XDG_CONFIG_HOME=~/

  4. Add the following to ~/k9s/plugin.yml

plugin:
  edit-secret:
    shortCut: Ctrl-X
    confirm: false
    description: "Edit Decoded Secret"
    scopes:
      - secrets
    command: kubectl
    background: false
    args:
      - modify-secret
      - --namespace
      - $NAMESPACE
      - --context
      - $CONTEXT
      - $NAME

@guettli
Copy link

guettli commented Sep 14, 2023

it would be great if k9s could do this without a plugin. At least for me above did not work.

Although k modify-secret foo works.

@benjimin
Copy link

Seconding this. It's very useful that k9s can view a secret in decoded form. The existing functionality to edit a secret in k9s is inconvenient (because you're editing the base64 encoding rather than the plaintext). I don't see any reason why a third-party kubectl plugin should be necessitated?

This enhancement might also be a good first issue, in that it seems like a moderately straightforward and self-contained feature request (to combine the existing functionality of the "decode" and "edit" functions, for example by re-encoding the data before dispatching).

@pratclot
Copy link

  1. Install krew from here https://krew.sigs.k8s.io/docs/user-guide/setup/install/ (skip this step in case you have already it)

    1. Install modify-secret plugin
      kubectl krew install modify-secret

    2. Run the following command or add it to ~/.zshrc or ~/.bashrc
      export XDG_CONFIG_HOME=~/

    3. Add the following to ~/k9s/plugin.yml

plugin:
  edit-secret:
    shortCut: Ctrl-X
    confirm: false
    description: "Edit Decoded Secret"
    scopes:
      - secrets
    command: kubectl
    background: false
    args:
      - modify-secret
      - --namespace
      - $NAMESPACE
      - --context
      - $CONTEXT
      - $NAME

Step 2 is helpful, step 3 will ruin all your other apps, step 4 specifies incorrect filename and wrong content. Please see here how to properly organize the file.

@jamesharr
Copy link

jamesharr commented May 23, 2024
edited

Minor update; k9s seems to have changed the desired location/extension of the plugins file and the format ever so slightly.

# ~/.config/k9s/plugins.yaml
plugins:
  edit-secret:
    # Setup:
    #  brew install krew
    #  kubectl krew install modify-secret
    #  echo "export XDG_CONFIG_HOME=~/.config" >> ~/.zshrc   # this may or may not be required now
    # See also:
    #  https://github.com/derailed/k9s/issues/1017#issuecomment-1328330026
    shortCut: Ctrl-X
    confirm: false
    description: "Edit Decoded Secret"
    scopes:
      - secrets
    command: kubectl
    background: false
    args:
      - modify-secret
      - --namespace
      - $NAMESPACE
      - --context
      - $CONTEXT
      - $NAME

I still think this would be an amazing thing to have built-in to k9s. It's been extremely useful

@theomeuh
Copy link

theomeuh commented Jun 17, 2024
edited

I am also looking for a simple solution to edit secret without any plugin. This looks like a missed opportunity to make dev life simple

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests