OpenShift Secrets Operations: Difference between revisions
Jump to navigation
Jump to search
Line 7: | Line 7: | ||
* [[OpenShift_Security_Operations#Secrets_Operations|OpenShift Security Operations]] | * [[OpenShift_Security_Operations#Secrets_Operations|OpenShift Security Operations]] | ||
* [[OpenShift_Secrets_Concepts|Secrets Concepts]] | * [[OpenShift_Secrets_Concepts|Secrets Concepts]] | ||
=Overview= | |||
=List Secrets= | =List Secrets= |
Latest revision as of 18:10, 30 January 2018
External
Internal
Overview
List Secrets
List all secrets:
oc get secrets
Create a Secret
echo "..." > ./some-data.txt oc secret new some-secret key_1=some-data.txt
.gitconfig File-Based
oc secret new <secret-name> .gitconfig=path/to/.gitconfig
Basic Authentication
oc secrets new-basicauth <secret-name> --username=<user-name> --password=<password>
SSK Key
oc secrets new-sshauth <secret-name> --ssh-privatekey=$HOME/.ssh/id_rsa
Secrets can be combined.
Link the Secret to a Service Account
oc secrets link <service-account-name> <secret-name>
More service account operations, below Service Account Operations.
Extract Data from a Secret
Extract data from a given secret:
cd ~/tmp oc extract secret/logging-kibana-proxy [--keys=oauth-secret] --confirm
Expose as Environment Variable
oc env <target-object> --from=secret/<secret-name> --prefix=DB_
Expose as a Mounted Volume
oc set volume <target-object> --add --overwrite --name=<some-name> --mount-path /some-path --secret-name=<secret-name>