lmolas/kubectl-view-cert

-D, --expired-days-from-now does not show secrets with additional key(s)

thiDucTran opened this issue · 4 comments

I have a secret that if I do kubectl view-cert wildcard-tls-grafana -n monitoring I get the below error

Specify another argument, one of:
-> ca.pem
-> tls.crt
-> tls.key

which is fine. I can do kubectl view-cert wildcard-tls-grafana -n monitoring tls.crt which gives the below:

[
    {
        "SecretName": "wildcard-tls-grafana",
        "Namespace": "monitoring",
        "Version": 3,
        "SerialNumber": "*",
        "Issuer": "**",
        "Validity": {
            "NotBefore": "2022-06-10T07:11:59Z",
            "NotAfter": "2023-07-12T07:11:59Z"
        },
        "Subject": "CN=*",
        "IsCA": false
    }
]

but this secret does not show up when I do kubectl view-cert -A -D 90. Is it possible to provide the additional argument tls.crt?

lmolas commented

Hello,
What is the type of the wildcard-tls-grafana secret, please?

Hi @lmolas, is this to be expected since wildcard-tls-grafana is of type generic? (I did see your README stating "The secret will be parsed only if its type is kubernetes.io/tls. If secret type is not kubernetes.io/tls, a list of all secret keys is displayed".)

We created it with this: kubectl create secret generic wildcard-tls-grafana --from-file=ca.pem=newcert/gd_bundle-g2-g1.crt --from-file=tls.crt=newcert/file.crt --from-file=tls.key=newcert/private.pem --namespace $namespace

If this is expected, I guess can we make it so view-cert still tries with an assumed key value of tls.crt before giving the list of all secret keys? If not, it's fine. I think my use-case is not that significant :)

lmolas commented

https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets

Try replacing generic by tls for kubectl create secret.

sure. thank you for your help.
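
An added example, not part of the thread and not the plugin's own code: a secret created with kubectl create secret generic has type Opaque, so an expiry check that only inspects kubernetes.io/tls secrets never sees its certificate. The sketch below applies the fallback requested above, reading the tls.crt key whatever the secret type. The Secret struct, ExpiringWithin and SelfSigned are hypothetical names, and the certificates are constructed sample data.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)
// Secret is a hypothetical, minimal stand-in for a Kubernetes Secret object.
type Secret struct {
	Namespace, Name, Type string
	Data                  map[string][]byte
}

// ExpiringWithin lists secrets of any type whose tls.crt expires within `days` of now.
func ExpiringWithin(secrets []Secret, days int, now time.Time) []string {
	var out []string
	for _, s := range secrets {
		block, _ := pem.Decode(s.Data["tls.crt"]) // first PEM block only
		if block == nil || block.Type != "CERTIFICATE" {
			continue // no tls.crt key, or not a PEM certificate
		}
		cert, err := x509.ParseCertificate(block.Bytes)
		if err == nil && cert.NotAfter.Before(now.AddDate(0, 0, days)) {
			out = append(out, s.Namespace+"/"+s.Name+" ("+s.Type+")")
		}
	}
	return out
}

// SelfSigned builds a constructed sample certificate that expires at notAfter.
func SelfSigned(notAfter time.Time) []byte {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "example.test"}, NotBefore: notAfter.AddDate(-1, 0, 0), NotAfter: notAfter}
	der, _ := x509.CreateCertificate(rand.Reader, tpl, tpl, pub, priv)
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
}

func main() {
	now := time.Now()
	fmt.Println(ExpiringWithin([]Secret{ // constructed sample data
		{"monitoring", "wildcard-tls-grafana", "Opaque", map[string][]byte{"tls.crt": SelfSigned(now.AddDate(0, 0, 30))}},
		{"default", "long-lived", "kubernetes.io/tls", map[string][]byte{"tls.crt": SelfSigned(now.AddDate(0, 0, 300))}},
	}, 90, now))
}
```

Against a real cluster, the same loop would run over the items returned by a Secrets list call, with the Data map holding the already base64-decoded values.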