lib/seira/secrets.rb in seira-0.1.4 vs lib/seira/secrets.rb in seira-0.1.5
- old
+ new
@@ -36,12 +36,10 @@
run_unset
when 'list'
run_list
when 'list-decoded'
run_list_decoded
- when 'create-pgbouncer-secret'
- run_create_pgbouncer_secret
else
fail "Unknown command encountered"
end
end
@@ -63,10 +61,15 @@
def main_secret_name
"#{app}-secrets"
end
+ def get(key)
+ secrets = fetch_current_secrets
+ Base64.decode64(secrets['data'][key])
+ end
+
private
def run_help
puts SUMMARY
puts "\n\n"
@@ -86,12 +89,11 @@
exit(1)
end
end
def run_get
- secrets = fetch_current_secrets
- puts "#{key}: #{Base64.decode64(secrets['data'][key])}"
+ puts "#{key}: #{get(key)}"
end
def run_set
secrets = fetch_current_secrets
secrets['data'].merge!(key_value_map.transform_values { |value| Base64.strict_encode64(value) })
@@ -116,15 +118,9 @@
secrets = fetch_current_secrets
puts "Decoded (raw) keys for #{app}:"
secrets['data'].each do |k, v|
puts "#{k}: #{Base64.decode64(v)}"
end
- end
-
- def run_create_pgbouncer_secret
- db_user = args[0]
- db_password = args[1]
- puts `kubectl create secret generic #{PGBOUNCER_SECRETS_NAME} --namespace #{app} --from-literal=DB_USER=#{db_user} --from-literal=DB_PASSWORD=#{db_password}`
end
# In the normal case the secret we are updating is just main_secret_name,
# but in special cases we may be doing an operation on a different secret
def write_secrets(secrets:, secret_name: main_secret_name)