kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #31763 from sgaist/patch-1 

Add secure example for getting secret values
This commit is contained in:
Kubernetes Prow Robot 2022-02-27 17:44:57 -08:00 committed by GitHub
parent 189100f5aa 73bd4563a8
commit dea4f2b103
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
content/en/docs/tasks/configmap-secret/managing-secret-using-kubectl.md
View File

@ -130,6 +130,12 @@ The output is similar to:
Now you can decode the `password` data:
```shell
# This is an example for documentation purposes.
# If you did things this way, the data 'MWYyZDFlMmU2N2Rm' could be stored in
# your shell history.
# Someone with access to you computer could find that remembered command
# and base-64 decode the secret, perhaps without your knowledge.
# It's usually better to combine the steps, as shown later in the page.
echo 'MWYyZDFlMmU2N2Rm' | base64 --decode
```
@ -139,6 +145,15 @@ The output is similar to:
1f2d1e2e67df
```
In order to avoid storing a secret encoded value in your shell history, you can
run the following command:
```shell
kubectl get secret db-user-pass -o jsonpath='{.data.password}' | base64 --decode
```
The output shall be similar as above.
## Clean Up
Delete the Secret you created: