seira 0.6.1 → 0.6.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/seira/secrets.rb +32 -7
- data/lib/seira/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b267c856966fa9d1bc45dbc7bc438409b3d1063f3153a0e73ace8df2e957b9b9
|
4
|
+
data.tar.gz: fb3b80730b70076fbd01c42418bd2d20f7890e6bd76d43c64cc75d99c8941440
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 1525fe34f26af87c6a39711922c16aa818e1824a1f20e8c10ac202af8432a55008c1f1130a19af64c6c71615bfbd651c9d9287ee75a6f6336a146420d80968ec
|
7
|
+
data.tar.gz: ffa5b5331fd8381478b22ecac09f10794f17e3fae9d26442510290f7d5e47ddf5159b538f17835798772ea7a26cb39e4a2cefb2de210ca46c7d333885857dff2
|
data/lib/seira/secrets.rb
CHANGED
@@ -10,7 +10,7 @@ module Seira
|
|
10
10
|
class Secrets
|
11
11
|
include Seira::Commands
|
12
12
|
|
13
|
-
VALID_ACTIONS = %w[help get set unset list list-decoded].freeze
|
13
|
+
VALID_ACTIONS = %w[help get set unset list list-decoded create-secret-container].freeze
|
14
14
|
PGBOUNCER_SECRETS_NAME = 'pgbouncer-secrets'.freeze
|
15
15
|
SUMMARY = "Manage your application's secrets and environment variables.".freeze
|
16
16
|
|
@@ -40,6 +40,8 @@ module Seira
|
|
40
40
|
run_list
|
41
41
|
when 'list-decoded'
|
42
42
|
run_list_decoded
|
43
|
+
when 'create-secret-container'
|
44
|
+
run_create_secret_container
|
43
45
|
else
|
44
46
|
fail "Unknown command encountered"
|
45
47
|
end
|
@@ -76,14 +78,17 @@ module Seira
|
|
76
78
|
def run_help
|
77
79
|
puts SUMMARY
|
78
80
|
puts "\n\n"
|
79
|
-
puts "Possible actions
|
81
|
+
puts "Possible actions to operate on secret contaiers. Default"
|
82
|
+
puts "container will be used unless --container=<name> specified:\n\n"
|
80
83
|
puts "get: fetch the value of a secret: `secrets get PASSWORD`"
|
81
84
|
puts "set: set one or more secret values: `secrets set USERNAME=admin PASSWORD=asdf`"
|
82
85
|
puts " to specify a value with spaces: `secrets set LIPSUM=\"Lorem ipsum\"`"
|
83
86
|
puts " to specify a value with newlines: `secrets set RSA_KEY=\"$(cat key.pem)\"`"
|
84
87
|
puts "unset: remove a secret: `secrets unset PASSWORD`"
|
85
88
|
puts "list: list all secret keys and values"
|
86
|
-
puts "list: list all secret keys and values, and decode from base64"
|
89
|
+
puts "list-decoded: list all secret keys and values, and decode from base64"
|
90
|
+
puts "\n\n"
|
91
|
+
puts "create-secret-container: takes one argument, the name, and creates a new container of secrets (Secret object) with that name"
|
87
92
|
end
|
88
93
|
|
89
94
|
def validate_single_key
|
@@ -137,9 +142,17 @@ module Seira
|
|
137
142
|
end
|
138
143
|
end
|
139
144
|
|
145
|
+
def run_create_secret_container
|
146
|
+
secret_name = key
|
147
|
+
puts "Creating Kubernetes Secret with name '#{secret_name}'..."
|
148
|
+
kubectl("create secret generic #{secret_name}", context: context)
|
149
|
+
puts "Secret Object '#{secret_name}' created. You can now set, unset, list secrets in this container Secret object."
|
150
|
+
end
|
151
|
+
|
140
152
|
# In the normal case the secret we are updating is just main_secret_name,
|
141
|
-
# but in special cases we may be doing an operation on a different secret
|
142
|
-
|
153
|
+
# but in special cases we may be doing an operation on a different secret such
|
154
|
+
# as use passing --container arg
|
155
|
+
def write_secrets(secrets:, secret_name: secret_container_from_args)
|
143
156
|
Dir.mktmpdir do |dir|
|
144
157
|
file_name = "#{dir}/temp-secrets-#{Seira::Cluster.current_cluster}-#{secret_name}.json"
|
145
158
|
File.open(file_name, "w") do |f|
|
@@ -160,8 +173,9 @@ module Seira
|
|
160
173
|
|
161
174
|
# Returns the still-base64encoded secrets hashmap
|
162
175
|
def fetch_current_secrets
|
163
|
-
json_string = kubectl("get secret #{
|
176
|
+
json_string = kubectl("get secret #{secret_container_from_args} -o json", context: context, return_output: true)
|
164
177
|
json = JSON.parse(json_string)
|
178
|
+
json['data'] ||= {} # For secret that has no key/values yet, this ensures a consistent experience
|
165
179
|
fail "Unexpected Kind" unless json['kind'] == 'Secret'
|
166
180
|
json
|
167
181
|
end
|
@@ -170,8 +184,19 @@ module Seira
|
|
170
184
|
args[0]
|
171
185
|
end
|
172
186
|
|
187
|
+
def secret_container_from_args
|
188
|
+
relevant_arg = args.find { |arg| arg.start_with? '--container=' }
|
189
|
+
|
190
|
+
if relevant_arg
|
191
|
+
relevant_arg.split("=")[1]
|
192
|
+
else
|
193
|
+
main_secret_name
|
194
|
+
end
|
195
|
+
end
|
196
|
+
|
197
|
+
# Filter out parameters which start with --
|
173
198
|
def key_value_map
|
174
|
-
args.map do |arg|
|
199
|
+
args.reject { |arg| arg.start_with?("--") }.map do |arg|
|
175
200
|
equals_index = arg.index('=')
|
176
201
|
[arg[0..equals_index - 1], arg[equals_index + 1..-1]]
|
177
202
|
end.to_h
|
data/lib/seira/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: seira
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.6.
|
4
|
+
version: 0.6.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Scott Ringwelski
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-08-
|
11
|
+
date: 2019-08-21 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: highline
|