8fccf09753
Design document: https://docs.google.com/document/d/1EjiCuXoiy8DEEXe15KxVJ4iWrwogCyG113_0LdzcWzQ/edit?usp=drive_web&ouid=102644738301620637153 This is the third of multiple patchsets to support encryption and decryption in airshipctl Complete feature: https://review.opendev.org/#/c/742695/ Change-Id: Ibe1060a83d11233cccaa3d3989765968a4dbed76
1.3 KiB
1.3 KiB
airshipctl secret encrypt
Encrypt plain text yaml files representing Kubernetes objects consisting of sensitive configuration.
Synopsis
Encrypt plain text yaml files representing Kubernetes objects consisting of sensitive configuration.
airshipctl secret encrypt [flags]
Examples
# Encrypt all kubernetes objects in the manifests directory.
airshipctl secret encrypt
# Encrypt file from src and write to a different dst file
airshipctl secret encrypt \
--src /tmp/manifests/target/secrets/qualified-secret.yaml \
--dst /tmp/manifests/target/secrets/encrypted-qualified-secret.yaml
Options
--dst string Path to the file or directory that has encrypted secrets for decryption. Defaults to src if empty.
-h, --help help for encrypt
--src string Path to the file or directory that has secrets in plaintext that need to be encrypted. Defaults to the manifest location in airship config
Options inherited from parent commands
--airshipconf string Path to file for airshipctl configuration. (default "$HOME/.airship/config")
--debug enable verbose output
--kubeconfig string Path to kubeconfig associated with airshipctl configuration. (default "$HOME/.airship/kubeconfig")
SEE ALSO
- airshipctl secret - Manage secrets