OpenShift Secrets Operations: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
 
Line 7: Line 7:
* [[OpenShift_Security_Operations#Secrets_Operations|OpenShift Security Operations]]
* [[OpenShift_Security_Operations#Secrets_Operations|OpenShift Security Operations]]
* [[OpenShift_Secrets_Concepts|Secrets Concepts]]
* [[OpenShift_Secrets_Concepts|Secrets Concepts]]
=Overview=


=List Secrets=
=List Secrets=

Latest revision as of 18:10, 30 January 2018

External

Internal

Overview

List Secrets

List all secrets:

oc get secrets

Create a Secret

echo "..." > ./some-data.txt
oc secret new some-secret key_1=some-data.txt

.gitconfig File-Based

oc secret new <secret-name> .gitconfig=path/to/.gitconfig

Basic Authentication

oc secrets new-basicauth <secret-name> --username=<user-name> --password=<password>

SSK Key

oc secrets new-sshauth <secret-name> --ssh-privatekey=$HOME/.ssh/id_rsa

Secrets can be combined.

Link the Secret to a Service Account

oc secrets link <service-account-name> <secret-name>

More service account operations, below Service Account Operations.

Extract Data from a Secret

Extract data from a given secret:

cd ~/tmp
oc extract secret/logging-kibana-proxy [--keys=oauth-secret] --confirm

Expose as Environment Variable

oc env <target-object> --from=secret/<secret-name> --prefix=DB_

Expose as a Mounted Volume

oc set volume <target-object> --add --overwrite --name=<some-name> --mount-path /some-path --secret-name=<secret-name>