DEV Community

Cover image for Editing Kubernetes Secrets Inline

Editing Kubernetes Secrets Inline

Austin Vance on July 12, 2020

We work a lot with Kubernetes and when you're working with Secrets it can be a total pain to edit them. A standard workflow can be something like. ...
Collapse
 
amourycodes profile image
Amoury

Great tip. Didn't know about this 👍🏼

Collapse
 
austinbv profile image
Austin Vance

Thanks! Helpful in the CKA(D) too

Collapse
 
amourycodes profile image
Amoury

Yeah totally. I am just on my journey preparing for CKAD

Thread Thread
 
austinbv profile image
Austin Vance

Good luck we are studying for it as a team right now

Thread Thread
 
qainsights profile image
NaveenKumar Namachivayam ⚡

I am also preparing for CKAD. Please add me in :)

Collapse
 
jrop profile image
Jonathan Apodaca

Tip: I have a base64 Vim plugin installed that makes this even easier! Just kubectl edit... and then encode/decode from within Vim. No other commands needed.

Collapse
 
austinbv profile image
Austin Vance

The plugin does this under the hood if you checkout the auto load file.

Personally like to avoid plugins if it’s easy enough to learn so I can edit in any environment or on a server without feeling hamstrung

Collapse
 
pbnj profile image
Peter Benjamin (they/them) • Edited

Nice tip.

For a bit more convenience (so you don't have to edit or move the text to a new line):

: ! echo <cWORD> | base64 | tr -d '\n' | pbcopy

:help <cword> and :help <cWORD> for more information

demo 1

For even more convenience, this can be converted into a reusable function:

function! B64ify() abort
  silent ! clear
  silent ! echo <cWORD> | base64 | tr -d '\n' | pbcopy
  execute "normal! ciW\<ESC>\"*p"
  redraw!
endfunction

Now, you can call it with :call B64ify()

demo 2

Lastly, you can map this function to a command and/or keybinding for maximum convenience:

command! B64ify :call B64ify()
nnoremap <silent> <Leader>B :B64ify<CR>

This can also be reversed very easily by copying the function and replacing base64 with base64 -d.

Here is a final demo:

demo 3

The final config:

function! B64ify() abort
  silent ! clear
  silent ! echo <cWORD> | base64 | tr -d '\n' | pbcopy
  execute "normal! ciW\<ESC>\"*p"
  redraw!
endfunction
command! B64ify :call B64ify()
nnoremap <silent><Leader>B :B64ify<CR>

function! B64decodify() abort
  silent ! clear
  silent ! echo <cWORD> | base64 -d | tr -d '\n' | pbcopy
  execute "normal! ciW\<ESC>\"*p"
  redraw!
endfunction
command! B64decodify :call B64decodify()
nnoremap <silent><Leader>b :B64decodify<CR>
Collapse
 
austinbv profile image
Austin Vance

Nice tip - I love the <cWORD> approach to a lot of things. One limitation is <cWORD> uses vi's word selection. If my secret is a multiline certificate, the contents of a yaml file, or has special characters this won't work.

Collapse
 
pbnj profile image
Peter Benjamin (they/them) • Edited

That's true.

If you want to visually select the text to pass to an external program, by default vim passes whole lines (e.g. :'<,'> ! base64) , but vis.vim plugin might help (e.g. :'<,'>B ! base64).

Collapse
 
vanica profile image
vanica

Can you please tell me about this interactive presentation display you used for showing commands?

Collapse
 
austinbv profile image
Austin Vance

Hey, I have been using Terminalizer github.com/faressoft/terminalizer. I also have used asciinema.org/ which does web players rather than gifs.

Collapse
 
vanica profile image
vanica

Thank you!!!

Collapse
 
shehata profile image
Solly

Thats very useful! Thanks for sharing ♥️

Collapse
 
austinbv profile image
Austin Vance

Of course thanks for reading