Revision as of 17:38, 30 January 2018

External

oc get secrets

echo "..." > ./some-data.txt
oc secret new some-secret key_1=some-data.txt

oc secret new <secret-name> .gitconfig=path/to/.gitconfig

oc secrets new-basicauth <secret-name> --username=<user-name> --password=<password>

oc secrets new-sshauth <secret-name> --ssh-privatekey=$HOME/.ssh/id_rsa

Secrets can be combined.

oc secrets link <service-account-name> <secret-name>

More service account operations, below Service Account Operations.

Extract data from a given secret:

cd ~/tmp
oc extract secret/logging-kibana-proxy [--keys=oauth-secret] --confirm

oc env <target-object> --from=secret/<secret-name> --prefix=DB_

oc set volume <target-object> --add --overwrite --name=<some-name> --mount-path /some-path --secret-name=<secret-name>

@@ Line 5: / Line 5: @@
 =Internal=
-* [[OpenShift Security Operations]]
+* [[OpenShift_Security_Operations#Secrets_Operations|OpenShift Security Operations]]
+=List Secrets=
-==List Secrets==
 List all [[OpenShift_Security_Concepts#Secret|secrets]]:
@@ Line 14: / Line 13: @@
   oc get secrets
-==Create a Secret==
+=Create a Secret=
   echo "..." > ./some-data.txt
@@ Line 33: / Line 32: @@
 Secrets can be combined.
-==Link the Secret to a Service Account==
+=Link the Secret to a Service Account=
   oc secrets link <''service-account-name''> <''secret-name''>
@@ Line 39: / Line 38: @@
 More service account operations, below [[#Service_Account_Operations|Service Account Operations]].
-==Extract Data from a Secret==
+=Extract Data from a Secret=
 Extract data from a given secret:
@@ Line 46: / Line 45: @@
   oc extract secret/logging-kibana-proxy [--keys=oauth-secret] --confirm
-==Expose as Environment Variable==
+=Expose as Environment Variable=
   oc env <''target-object''> --from=secret/<''secret-name''> --prefix=DB_
-==Expose as a Mounted Volume==
+=Expose as a Mounted Volume=
   oc set volume <''target-object''> --add --overwrite --name=<''some-name''> --mount-path /some-path --secret-name=<''secret-name''>