Skip to content

Instantly share code, notes, and snippets.

@Becram

Becram/kubeseal-generator.sh

Created May 20, 2021 11:23
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Becram/fc8e21606f68c49dbb6a91efc9cf6202 to your computer and use it in GitHub Desktop.
Save Becram/fc8e21606f68c49dbb6a91efc9cf6202 to your computer and use it in GitHub Desktop.
Download ZIP
generate kubeseal secrets
Raw
kubeseal-generator.sh
#!/bin/bash
SECRET_NAME="apm-creds"
NAMESPACE="rasa"
ARRAY=("apm_server_url:t1"
"apm_secret_token:t2")
for secret in "${ARRAY[@]}" ; do
KEY="$(echo $secret | cut -d':' -f1 )"
VALUE="$(echo $secret | cut -d':' -f2-)"
# echo $KEY $VALUE
kubectl -n $NAMESPACE create secret generic $SECRET_NAME --dry-run=client --from-literal="${KEY}"="${VALUE}" -o json >mysecret.json
kubeseal --cert $1 <mysecret.json >mysealedsecret.json
cat mysealedsecret.json | echo "${KEY}: $(jq -r .spec.encryptedData.${KEY})"
rm mysecret.json mysealedsecret.json
done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment