s5s is a tool to download and apply secrets from cloud Secret Managers
Supported Secret Managers
Google Cloud Secrets Manager
Flag |
Description |
Required |
Default Value |
--project | -p |
GCP Project Name |
X |
|
--key | -k |
GCP Key String (must be provided if --key-file is not) |
X |
|
--key-file | -f |
GCP Key File (JSON) (must be provided if --key is not) |
X |
|
--secret | -s |
List of secrets formatted as <k8s secret key>=<gcp secret name> |
X |
|
--output-secret | -o |
Name of k8s secret |
X |
|
--version | -v |
GCP Secret Version |
|
latest |
$ s5s gcp \
-p gcp-project-id \
-f secret.json \
-s "mysqlusername=app-mysql-username" \
-s "mysqlpassword=app-mysql-password" \
-o mysql-creds | kubectl apply --context k8s-cluster -n app-namespace -f -
Flag |
Description |
Required |
Default Value |
--secret | -s |
AWS Secret Name |
X |
|
--region | -r |
AWS Region Name |
|
us-west-2 |
--accessKeyId |
AWS Access Key ID |
|
AWS_ACCESS_KEY_ID env |
--accessKey |
AWS Access Key |
|
AWS_ACCESS_KEY env |
--token |
AWS Access Token |
|
|
--output-secret | -o |
Name of k8s secret |
X |
|
$ s5s aws \
-s "project/mysql/secrets"
--accessKeyId AW12312312412
--accessKey XpijOIPUYh087^*&(^%
-o mysql-creds | kubectl apply --context k8s-cluster -n app-namespace -f -