Class: Seira::Secrets
Constant Summary collapse
- VALID_ACTIONS =
%w[help get set unset list list-decoded create-secret-container].freeze
- PGBOUNCER_SECRETS_NAME =
'pgbouncer-secrets'.freeze
- SUMMARY =
"Manage your application's secrets and environment variables.".freeze
Instance Attribute Summary collapse
-
#action ⇒ Object
readonly
Returns the value of attribute action.
-
#app ⇒ Object
readonly
Returns the value of attribute app.
-
#args ⇒ Object
readonly
Returns the value of attribute args.
-
#context ⇒ Object
readonly
Returns the value of attribute context.
Instance Method Summary collapse
- #copy_secret_across_namespace(key:, to:, from:) ⇒ Object
- #get(key) ⇒ Object
-
#initialize(app:, action:, args:, context:) ⇒ Secrets
constructor
A new instance of Secrets.
- #main_secret_name ⇒ Object
- #run ⇒ Object
Methods included from Commands
#gcloud, gcloud, kubectl, #kubectl, #tsh, tsh
Constructor Details
#initialize(app:, action:, args:, context:) ⇒ Secrets
Returns a new instance of Secrets.
19 20 21 22 23 24 |
# File 'lib/seira/secrets.rb', line 19 def initialize(app:, action:, args:, context:) @app = app @action = action @args = args @context = context end |
Instance Attribute Details
#action ⇒ Object (readonly)
Returns the value of attribute action.
17 18 19 |
# File 'lib/seira/secrets.rb', line 17 def action @action end |
#app ⇒ Object (readonly)
Returns the value of attribute app.
17 18 19 |
# File 'lib/seira/secrets.rb', line 17 def app @app end |
#args ⇒ Object (readonly)
Returns the value of attribute args.
17 18 19 |
# File 'lib/seira/secrets.rb', line 17 def args @args end |
#context ⇒ Object (readonly)
Returns the value of attribute context.
17 18 19 |
# File 'lib/seira/secrets.rb', line 17 def context @context end |
Instance Method Details
#copy_secret_across_namespace(key:, to:, from:) ⇒ Object
50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 |
# File 'lib/seira/secrets.rb', line 50 def copy_secret_across_namespace(key:, to:, from:) puts "Copying the #{key} secret from namespace #{from} to #{to}." json_string = kubectl("get secret #{key} -o json -n #{from}", context: :none, return_output: true) secrets = JSON.parse(json_string) # At this point we would preferably simply do a write_secrets call, but the metadata is highly coupled to old # namespace so we need to clear out the old metadata new_secrets = Marshal.load(Marshal.dump(secrets)) new_secrets.delete('metadata') new_secrets['metadata'] = { 'name' => key, 'namespace' => to } write_secrets(secrets: new_secrets, secret_name: key) end |
#get(key) ⇒ Object
70 71 72 73 74 |
# File 'lib/seira/secrets.rb', line 70 def get(key) secrets = fetch_current_secrets encoded_value = secrets.dig('data', key) encoded_value.nil? ? nil : Base64.decode64(encoded_value) end |
#main_secret_name ⇒ Object
66 67 68 |
# File 'lib/seira/secrets.rb', line 66 def main_secret_name "#{app}-secrets" end |
#run ⇒ Object
26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 |
# File 'lib/seira/secrets.rb', line 26 def run case action when 'help' run_help when 'get' validate_single_key run_get when 'set' validate_keys_and_values run_set when 'unset' validate_single_key run_unset when 'list' run_list when 'list-decoded' run_list_decoded when 'create-secret-container' run_create_secret_container else fail "Unknown command encountered" end end |