Sometimes you need to take a little peek at your Kubernetes secrets...
- Usage
- Installation
- Shell Completions
- Automatic Formatting (Pretty Printing)
You can run psst without any arguments to interactively pick the secret and key whose value you want to see.
$ psst
✔ Choose secret: … my-secret
✔ Choose key: … my-key
my-valueAlternatively, you can run psst SECRET KEY to get the value directly.
It's also possible to only provide the SECRET and interactively choose the key.
If the secret only contains a single key, it'll be chosen automatically.
Run psst --help for all options. (For example, you can use the standard kubectl flags to specify namespace and/or context.)
If you've got Go installed:
go install 'github.com/milas/psst@latest'You can also build & install in one command with Docker (you do not need to clone the repo):
DEST="${HOME}/.local/bin/" docker buildx bake \
'https://github.com/milas/psst.git'Be sure
~/.local/binis in yourPATHor pick a different directory.
source <(psst --completion=bash)To load completions for each session, execute once:
psst --completion=bash > /etc/bash_completion.d/psstNOTE: For Homebrew installs of
bash, use$(brew --prefix)/etc/bash_completion.d/psst
source <(psst --completion=zsh); compdef _psst psstTo load completions for each session, execute once:
psst --completion=zsh > "${fpath[1]}/_psst"psst --completion=fish | sourceTo load completions for each session, execute once:
psst --completion=fish > ~/.config/fish/completions/psst.fishpsst --completion=powershell | Out-String | Invoke-ExpressionIf the secret is for a TLS certificate, a summary will automatically be shown.
$ psst podinfo-tls
ping.readygo.run
──────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Subject CN=ping.readygo.run
Issuer CN=R3,O=Let's Encrypt,C=US
Not Before 09 Feb 2023 20:36:13 UTC ✔
Not After 10 May 2023 20:36:12 UTC ✔
Algorithm RSA
Key Size 2048-bit
Subject Key ID 07:18:02:61:5B:33:8E:CC:73:0E:17:B9:CF:05:1D:2E:00:AA:D1:F3
System Trust 🔒 Let's Encrypt/R3 -> Internet Security Research Group/ISRG Root X1
Fingerprints
SHA-1 53:18:37:18:11:5A:3A:17:0F:CF:EE:20:FC:2E:F5:48:7C:75:84:B0
SHA-256 9B:CC:D2:B6:48:AF:51:9C:E3:C4:6C:B8:9D:89:14:A8:C6:32:02:8E:D2:0C:C2:0B:44:5E:01:95:FD:2A:AC:7C
SAN
DNS ping.readygo.run
💡 Use
--rawto process a certificate with OpenSSL$ psst podinfo-tls tls.crt --raw | openssl x509 -noout -fingerprint -sha1 sha256 Fingerprint=9B:CC:D2:B6:48:AF:51:9C:E3:C4:6C:B8:9D:89:14:A8:C6:32:02:8E:D2:0C:C2:0B:44:5E:01:95:FD:2A:AC:7C
Licensed under the Apache License, Version 2.0