Sometimes you need to take a little peek at your Kubernetes secrets...
- Usage
- Installation
- Shell Completions
- Automatic Formatting (Pretty Printing)
You can run psst
without any arguments to interactively pick the secret and key whose value you want to see.
$ psst
✔ Choose secret: … my-secret
✔ Choose key: … my-key
my-value
Alternatively, you can run psst SECRET KEY
to get the value directly.
It's also possible to only provide the SECRET
and interactively choose the key.
If the secret only contains a single key, it'll be chosen automatically.
Run psst --help
for all options. (For example, you can use the standard kubectl
flags to specify namespace and/or context.)
If you've got Go installed:
go install 'github.com/milas/psst@latest'
You can also build & install in one command with Docker (you do not need to clone the repo):
DEST="${HOME}/.local/bin/" docker buildx bake \
'https://github.com/milas/psst.git'
Be sure
~/.local/bin
is in yourPATH
or pick a different directory.
source <(psst --completion=bash)
To load completions for each session, execute once:
psst --completion=bash > /etc/bash_completion.d/psst
NOTE: For Homebrew installs of
bash
, use$(brew --prefix)/etc/bash_completion.d/psst
source <(psst --completion=zsh); compdef _psst psst
To load completions for each session, execute once:
psst --completion=zsh > "${fpath[1]}/_psst"
psst --completion=fish | source
To load completions for each session, execute once:
psst --completion=fish > ~/.config/fish/completions/psst.fish
psst --completion=powershell | Out-String | Invoke-Expression
If the secret is for a TLS certificate, a summary will automatically be shown.
$ psst podinfo-tls
ping.readygo.run
──────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Subject CN=ping.readygo.run
Issuer CN=R3,O=Let's Encrypt,C=US
Not Before 09 Feb 2023 20:36:13 UTC ✔
Not After 10 May 2023 20:36:12 UTC ✔
Algorithm RSA
Key Size 2048-bit
Subject Key ID 07:18:02:61:5B:33:8E:CC:73:0E:17:B9:CF:05:1D:2E:00:AA:D1:F3
System Trust 🔒 Let's Encrypt/R3 -> Internet Security Research Group/ISRG Root X1
Fingerprints
SHA-1 53:18:37:18:11:5A:3A:17:0F:CF:EE:20:FC:2E:F5:48:7C:75:84:B0
SHA-256 9B:CC:D2:B6:48:AF:51:9C:E3:C4:6C:B8:9D:89:14:A8:C6:32:02:8E:D2:0C:C2:0B:44:5E:01:95:FD:2A:AC:7C
SAN
DNS ping.readygo.run
💡 Use
--raw
to process a certificate with OpenSSL$ psst podinfo-tls tls.crt --raw | openssl x509 -noout -fingerprint -sha1 sha256 Fingerprint=9B:CC:D2:B6:48:AF:51:9C:E3:C4:6C:B8:9D:89:14:A8:C6:32:02:8E:D2:0C:C2:0B:44:5E:01:95:FD:2A:AC:7C
Licensed under the Apache License, Version 2.0