airship/airshipctl
Code Issues Proposed changes
airshipctl/docs/source/cli/airshipctl_secret_encrypt.md
uday.ruddarraju 9a608de653 Encrypt and decrypt using sops 
Design document: https://docs.google.com/document/d/1EjiCuXoiy8DEEXe15KxVJ4iWrwogCyG113_0LdzcWzQ/edit?usp=drive_web&ouid=102644738301620637153

Demo readme: https://hackmd.io/@WE7PUWXBRVeQJzCZkXkOLw/ryoW-aOLv

This patchset comprises of:
- package library to interact with sops
- integrate airshipctl encrypt/decrypt with sops

Change-Id: I2ca3ff3c8661d146708084728cb3f87365a4f39e
2020-10-23 02:27:45 -07:00

1.3 KiB
Raw Blame History

airshipctl secret encrypt

Encrypt plain text yaml files representing Kubernetes objects consisting of sensitive configuration.

Synopsis

Encrypt plain text yaml files representing Kubernetes objects consisting of sensitive configuration.

airshipctl secret encrypt [flags]

Examples


# Encrypt all kubernetes objects in the manifests directory.
airshipctl secret encrypt

# Encrypt file from src and write to a different dst file
airshipctl secret encrypt \
	--src /tmp/manifests/target/secrets/qualified-secret.yaml \
	--dst /tmp/manifests/target/secrets/encrypted-qualified-secret.yaml

Options

      --dst string          Path to the file or directory that has encrypted secrets for decryption. Defaults to src if empty.
  -h, --help                help for encrypt
      --kubeconfig string   Path to kubeconfig associated with cluster being managed
      --src string          Path to the file or directory that has secrets in plaintext that need to be encrypted. Defaults to the manifest location in airship config

Options inherited from parent commands

      --airshipconf string   Path to file for airshipctl configuration. (default "$HOME/.airship/config")
      --debug                enable verbose output

SEE ALSO