miticojo/ocp-dump.sh

## ocp-dump.sh
#!/bin/bash

# Function to redact sensitive fields within Secret objects
redact_secrets() {
  secret_name=$1
  namespace=$2

  # Fields likely to contain sensitive information
  sensitive_fields=("data.password" "data.token" "stringData")

  for field in "${sensitive_fields[@]}"; do
    oc get secret $secret_name -n $namespace -o jsonpath="{.data}" |
      base64 -d |
      jq --arg field "$field" '.[$field] = "<REDACTED>"' |
      base64 |
      oc patch secret $secret_name -n $namespace --type='json' -p "[{'op': 'replace', 'path': '/data', 'value': $*}]"
  done
}

# Get a list of all namespaces
namespaces=$(oc get projects --no-headers -o custom-columns=NAME:.metadata.name)

# Iterate through each namespace
for ns in $namespaces; do
  echo "Processing namespace: $ns"

  # Get a list of most relevant resource types
  resources=("configmaps" "deployments" "daemonsets" "statefulsets" "services" "routes" "secrets" "ingress" "storageclass" "pvc" "pv")

  for kind in "${resources[@]}"; do
    echo "  Exporting $kind resources..."
    oc get $kind -n $ns -o yaml > $ns-$kind.yaml

    # Redact secrets (if any)
    if [[ $kind == "secrets" ]]; then
      secret_names=$(oc get secrets -n $ns -o name)
      for secret in $secret_names; do
        redact_secrets $secret $ns
      done
    fi
  done
done

echo "Configuration export complete."
	#!/bin/bash

	# Function to redact sensitive fields within Secret objects
	redact_secrets() {
	secret_name=$1
	namespace=$2

	# Fields likely to contain sensitive information
	sensitive_fields=("data.password" "data.token" "stringData")

	for field in "${sensitive_fields[@]}"; do
	oc get secret $secret_name -n $namespace -o jsonpath="{.data}" \|
	base64 -d \|
	jq --arg field "$field" '.[$field] = "<REDACTED>"' \|
	base64 \|
	oc patch secret $secret_name -n $namespace --type='json' -p "[{'op': 'replace', 'path': '/data', 'value': $*}]"
	done
	}

	# Get a list of all namespaces
	namespaces=$(oc get projects --no-headers -o custom-columns=NAME:.metadata.name)

	# Iterate through each namespace
	for ns in $namespaces; do
	echo "Processing namespace: $ns"

	# Get a list of most relevant resource types
	resources=("configmaps" "deployments" "daemonsets" "statefulsets" "services" "routes" "secrets" "ingress" "storageclass" "pvc" "pv")

	for kind in "${resources[@]}"; do
	echo " Exporting $kind resources..."
	oc get $kind -n $ns -o yaml > $ns-$kind.yaml

	# Redact secrets (if any)
	if [[ $kind == "secrets" ]]; then
	secret_names=$(oc get secrets -n $ns -o name)
	for secret in $secret_names; do
	redact_secrets $secret $ns
	done
	fi
	done
	done

	echo "Configuration export complete."