Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
A kubectl plugin to decode secrets created by Helm
# get helm secrets from Kubernetes cluster
SECRET=$(kubectl get secret $1 -o jsonpath='{ .data.release }' )
# decode the secrets
DECODED_SECRET=$(echo $SECRET | base64 -d | base64 -d | gunzip -c )
# parse the decoded secrets, pulling out the templates and removing whitespace
DATA=$(echo $DECODED_SECRET | jq '.chart.templates[]' | tr -d '[:space:]' )
# assign each entry in templates to an array
ARRAY=($(echo $DATA | tr '} {' '\n'))
# loop through each entry in the array
for i in "${ARRAY[@]}"
# splitting name and data into separate items in another array
ITEMS=($(echo $i | tr ',' '\n'))
# parsing the name field
echo "${ITEMS[0]}" | sed -e 's/name/""/g; s/templates/""/g' | tr -d '/:"'
# decoding and parsing the data field
echo "${ITEMS[1]}" | sed -e 's/data/""/g' | tr -d '":' | base64 -d
# adding a blank line at the end
echo ''
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.