Decode a Kubernetes secret

If you need to decode an existing Kubernetes file-based secret you can execute the following commands easily to obtain the original copies of the files used in the secret:

kubectl get my-secret -n my-namespace -o yaml | ojob ojob.io/kube/expandSecret toFolder=output

This will actually retrieve my-secret from the my-namespace Kubernetes namespace, pipe the YAML contents to the ojob.io/kube/expandSecret and create the corresponding files in the output folder (using the “toFolder” argument).

It’s possible to use also other arguments if needed. Example:

ojob ojob.io/kube/expandSecret input=my-secret.yml file=justASingleFileOfMany.crt toFolder=output

This will use the previously saved my-secret.yml and, if it has many secret files, it will only retrieve the justASingleFileOfMany.crt and place the original copy on the folder output.

Note: You can always download and use your own copy of the ojob.io/kube/expandSecret ojob. For that just follow the instructions on Get oJob