Show decoded contents of a secret

kubectl-show_secret

#!/bin/bash

usage()
{
    echo "Usage: kubectl show-secret [-n namespace] secret [...secret]"
    exit
}

while [ $# -gt 0 ]; do
    while getopts n: opt; do
        case $opt in
            n) NAMESPACE=$OPTARG;;
            h) usage
        esac
    done
    [ $? -eq 0 ] || exit 1
    [ $OPTIND -gt $# ] && break   # we reach end of parameters

    shift $[$OPTIND - 1] # free processed options so far
    OPTIND=1             # we must reset OPTIND
    ARGS[${#ARGS[*]}]=$1 # save first non-option argument (a.k.a. positional argument)
    shift                # remove saved arg
done

print_data()
{
    local key=$1
    shift
    local jq_filters="$*"

    echo -e "${COLOR_BOLD}--- $key ---${COLOR_RESET}"
    jq ".data[\"$key\"]$jq_filters" <<<$"$data" | xargs printf "%b"
    echo
    echo -e "${COLOR_BOLD}--- end $key ---${COLOR_RESET}"
}

#echo Namespace: $NAMESPACE
#echo Secrets: ${ARGS[*]}

for secret in ${ARGS[*]}; do
    data="$(command kubectl get secret ${NAMESPACE:+ -n $NAMESPACE} $secret -o json)"

    # .stringData
    keys=( $(jq -r '(.stringData // empty) | keys | .[]' <<<"$data") )
    first=true
    if [ ${#keys[*]} -gt 0 ]; then
        for key in ${keys[*]}; do
            $first || echo; first=false
            print_data "$key"
        done
    fi

    # .data
    keys=( $(jq -r '(.data // empty) | keys | .[]' <<<"$data") )
    first=true
    if [ ${#keys[*]} -gt 0 ]; then
        for key in ${keys[*]}; do
            $first || echo; first=false
            print_data "$key" "|@base64d"
        done
    fi
done