conf2kube can read and create Kubernetes secrets based on the contents of configuration files.
Go
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
examples
CONTRIBUTING.md
LICENSE
README.md
main.go

README.md

conf2kube

conf2kube creates Kubernetes secrets based on contents of configuration files.

This is not an official Google product.

Install

Download a binary release or use the go get command.

$ go get github.com/kelseyhightower/conf2kube

Usage

$ conf2kube -h
Usage of conf2kube:
  -f file
        Path to configuration file. Defaults to stdin. (default "-")
  -n name
        The name to use for the Kubernetes secret. Defaults to basename of configuration file.
  -k key
        The key to use for the Kubernetes secret in the data section of the secret. 
        Defaults to the name (stdin) or basename of configuration file.
  -x    Extract config from incoming JSON formatted secret and print to stdout.

Create a new secret from stdin

$ cat redis.conf | conf2kube -n redis.conf -f - | kubectl create -f -

The -f flag is optional when creating secrets from stdin.

Create a new secret from a configuration file

$ conf2kube -f redis.conf | kubectl create -f -

Use the -n flag to create a secret with a specific name.

$ conf2kube -f redis.conf -n redis-master.conf | kubectl create -f -

Update an existing secret

Use the kubectl apply command to update an existing secret.

$ conf2kube -f redis.conf | kubectl apply -f -

Extract the contents of a secret

Use the -x flag to extract JSON formated secrets from stdin.

$ kubectl get secrets redis.conf -o json | conf2kube -x

Use the -n flag to extract a secret by a specific data name. Useful when the data name does not match the secret name.

$ kubectl get secrets redis.conf -o json | conf2kube -x -n redis-master.conf

Create a new secret from a configuration file with multiple entries

$ conf2kube -n nginx-ssl-certs -f example.com.crt | kubectl create -f -

Add additional entries to the same secret using kubectl patch.

$ kubectl patch secret nginx-ssl-certs -p `conf2kube -n nginx-ssl-certs -f example.com.csr`
$ kubectl patch secret nginx-ssl-certs -p `conf2kube -n nginx-ssl-certs -f example.com.key`

A secret named nginx-ssl-certs is created with 3 entries: example.com.crt, example.com.csr and example.com.key.

Extract the contents of a multi-value secret

Use the -x flag to extract JSON formated secrets from stdin, and the -k flag to specify which secret.

$ kubectl get secret nginx-ssl-certs -o json | conf2kube -x -k example.com.csr