Editing Kubernetes Secrets Inline

07.12.2020 | Tutorial Devops | Austin Vance


We work a lot with Kubernetes and when you're working with Secrets it can be a total pain to edit them. A standard workflow can be something like.

# Grab the existing secret
kubectl get secret some-secret -o yaml > some-secret.yaml

# Grab the existing secret
kubectl get secret some-secret \
  -o jsonpath='{ .data.secret }' \
  | base64 -D > thesecert.txt

# Edit the secret
vim thesecret.txt

# Grab the new secret and put it into the secret file
# and apply it to the cluster
cat thesecret.txt | base64 | pbcopy
vim some-secret.yaml # paste in your b64 encoded secret
kubectl apply -f some-secret.yaml

That's not a great user experience and what if you wanted to use kubectl edit?

There's a bit of vim foo you can use to edit the secret in line.

kubectl edit secret some-secret

# navigate to the base64 encoded secret
# place your cursor on the space between the ":"
# and the first character of the secret
# hit `r <enter>` this replaces the space
# with a new line

# move your cursor down one line to the secret
# in the command prompt `:. ! base64 -D`

# Edit your secret

# in the command prompt `:. ! base64`
# if your secret is multiline you can 
# use `:<startline>,<endline> ! base64`
# or you can highlight the lines in visual
# mode and use `:! base64`

# Join the lines by moving back up the secret key
# and hitting `J`

# Then write quit `:wq`
# you should see this as output
# `secret/some-secret edited`

Editing a secret inline

And if you want to edit a multiline secret say one that was created from a file. Rather than base64 encoding the current line using :. you can use a range of line numbers :13,84 ! base64 and you will encode all those lines together inclusive of line 84.


edit: added info about multiline secrets


I wanted to add one more tip here - pesky new lines.

If you're editing a secret and you use . ! base64 you will end up with a newline character at the end of your secret. If that's ok... cool if not you can use tr to clean it out

. ! tr -d '\n' | base64


Read More

Related Posts


06.30.2021 | Culture | Katy Scott

At Focused Labs, collaboration is key to how we work together; it helps our teams learn from each other, brings us closer and helps us become more efficient...


06.23.2021 | Culture | Austyn

Late-night feedings and diaper changes, the 3-4 month sleep regression, teething, and a growth spurt all mean I'm getting less sleep than...


05.12.2021 | Culture Backend Frontend | Ryan Taylor

Temporarily disrupts "normal" business operations and allow self-organized teams to rapid prototype around their interest areas


04.27.2021 | Culture | Erin Hochstatter

Several years ago, I'd been trying to find an approach to software consulting that made sense for me [...]


01.28.2021 | Backend | Parker Drake

Recently I found myself needing to validate fields in a Spring Boot controller written in Kotlin...


01.22.2021 | Tutorial | Luke Mueller

⌘+⇧+g is the way to go


01.21.2021 | Devops | Katy G

Kube jobs running wild? To delete successful jobs...

additional accent

171 N Aberdeen St
Suite 400
Chicago, IL 60607

[email protected]

© 2021 FocusedLabs, All Rights Reserved.

  • facebook icon
  • twitter icon
  • linkedin icon
  • github icon