allanger/kubers
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity
renovate/configure
kubers/kubers

124 lines
3.8 KiB
Bash
Executable File
Raw Permalink Blame History

#!/bin/bash
# ------------------------------------------------------------------------
# -- Copyright 2023 Nikolai Rodionov (allanger)
# ------------------------------------------------------------------------
set -e
KUBERS_VERSION=0.1.0
# ------------------------------------
# -- Internal function for generating
# -- the "$KEY: $VALUE" string
# ------------------------------------
function append_to_secret() {
SECRET=$1
KEY=$2
QUIET=$3
VALUE=$(kubectl -n $NAMESPACE get secret $SECRET -o yaml| yq ".data.\"$KEY\"" | base64 -d)
SECRET_DATA="test"
if (( $(grep -c . <<<"$VALUE") > 1 )); then
SECRET_DATA="|-\n$(echo $VALUE| sed -e 's/^/ /')"
SECRET="$KEY: $SECRET_DATA"
else
SECRET_DATA="$VALUE"
SECRET="$KEY: $SECRET_DATA"
fi
if [[ $QUIET != "" ]]; then
printf "$VALUE"
else
printf "$SECRET"
fi
}
function show_help() {
cat <<EOF
---
kubers is a super simple tool that reveals k8s secrets using kubectl and yq
Usage:
kubers [-V | --version] [-h | --help] [-n | --namespace <namespace>] [-c <name>=<value>]
<secret_name> [<entry_name>]
Examples:
If you want to reveal all entries in the current k8s namespace
$ kubers $SECRET_NAME
If you want to reveal only one entry from the secret in the current namepspace
$ kubers $SECRET_NAME $SECRET_VALUE
If you want to reveal a secret from another namespace
$ kubers -n $NAMESPACE $SECRET_NAME
---
EOF
}
# ---------------------------------------------------------------------
# -- Parse arguments
# ---------------------------------------------------------------------
UNNAMED_ARGS=()
while [[ $# -gt 0 ]]; do
case $1 in
-n|--namespace)
# ---------------------------------------------------------------
# -- Set the namespace that you want to get the secret from
# ---------------------------------------------------------------
NAMESPACE="$2"
# ---------------------------------------------------------------
# -- Check if namespace exists
# ---------------------------------------------------------------
kubectl get namespace $NAMESPACE > /dev/null
shift
shift
;;
-V|--version)
printf "$KUBERS_VERSION\n"
exit 0
;;
-h|--help)
show_help
exit 0
;;
-*|--*)
echo "Unknown option $1"
exit 1
;;
*)
# ---------------------------------------------------------------
# -- Don't forget args that are passed without flags
# ---------------------------------------------------------------
UNNAMED_ARGS+=("$1")
shift
;;
esac
done
# ---------------------------------------------------------------------
# -- If namespace is not set, the use the current namespace
# ---------------------------------------------------------------------
if [[ -z $NAMESPACE ]]; then
NAMESPACE=$(kubectl config view --minify -o jsonpath='{..namespace}')
fi
# ---------------------------------------------------------------------
# -- Set the secret name an entry (optional)
# ---------------------------------------------------------------------
SECRET_NAME=${UNNAMED_ARGS[0]}
SECRET_ENTRY=${UNNAMED_ARGS[1]}
# ---------------------------------------------------------------------
# -- Main logic starts here
# ---------------------------------------------------------------------
if [[ -z $SECRET_NAME ]]; then
show_help
printf "You must provide a secret name. Choose one of these\n\n"
kubectl -n $NAMESPACE get secrets --no-headers -o custom-columns=":metadata.name"
exit 1
fi
SECRET=()
if [[ $SECRET_ENTRY != "" ]]; then
SECRET+=$(append_to_secret $SECRET_NAME $SECRET_ENTRY 1)
else
for SECRET_ENTRY in $(kubectl -n $NAMESPACE get secret $SECRET_NAME -o yaml | yq '.data | keys' | sed -e "s/- //"); do
SECRET+=("$(append_to_secret $SECRET_NAME $SECRET_ENTRY)");
done
fi
printf "%s\n" "${SECRET[@]}" | yq
Reference in New Issue View Git Blame Copy Permalink