This kustomize plugin reveals files encrypted by git-secret and outputs their content.
- kustomize 3.5.4
- git-secret 0.3.2
export KUSTOMIZE_VERSION=3.5.4
export GITSECRET_VERSION=0.3.2
export XDG_CONFIG_HOME=`pwd`
make
gpg --import <gpg_key>.asc # Private key used for encrypting files
./bin/kustomize build /some/path --enable_alpha_pluginsKustomize directory layout:
/
└── some
└── path
├── another_secret.yml.secret # GPG encrypted file
├── gitsecret.yml
├── kustomization.yml
└── secret.yml.secret # GPG encrypted filekustomization.yml:
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
generators:
- gitsecret.ymlgitsecret.yml
---
apiVersion: yseop.com/v1alpha1
kind: GitSecret
metadata:
name: notImportantHereThis will output something like
apiVersion: v1
data:
password: dGVzdDI=
kind: Secret
metadata:
creationTimestamp: null
name: another_secret
---
apiVersion: v1
data:
password: dGVzdA==
kind: Secret
metadata:
creationTimestamp: null
name: secret
- Encrypted file extension (
.secret) - No YAML merging
- No YAML overriding
export KUSTOMIZE_VERSION=3.5.4
export GITSECRET_VERSION=0.3.2
export XDG_CONFIG_HOME=`pwd`
make git-secret
make git-secret-test