DEV Community

Cover image for Sealed secrets - backup, recovery, miscellaneous
Ashok Nagaraj
Ashok Nagaraj

Posted on

4 2

Sealed secrets - backup, recovery, miscellaneous

Recovering public key used by the controller
❯ kubeseal \
      --controller-name=ss-app-sealed-secrets \
      --controller-namespace=sealed-secrets \
      --fetch-cert > publickey.pem
Enter fullscreen mode Exit fullscreen mode
Recovering the private key
❯ kubectl get secrets acme-keys -n sealed-secrets -o json | jq ".data | map_values(@base64d)"
{
  "tls.crt": "-----BEGIN CERTIFICATE-----\nMIIE3DCCAsQCCQCgdNszn/dUUTANBgkqhkiG9w0BAQsFADAwMRYwFA...\n-----END CERTIFICATE-----\n",
  "tls.key": "-----BEGIN PRIVATE KEY-----\nMIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDAFYgUZStmW6Zo\n...\n-----END PRIVATE KEY-----\n"
}
Enter fullscreen mode Exit fullscreen mode
Re-encrypting sealed-secret files when keys change (rotated)
❯ kubeseal --controller-name=ss-app-sealed-secrets --controller-namespace=sealed-secrets --re-encrypt -o yaml < ss.yaml  > new-ss.yaml
Enter fullscreen mode Exit fullscreen mode
Useful annotations
  • sealedsecrets.bitnami.com/managed: "true" to make a kubernetes secret be managed by Bitnami SS controller
  • sealedsecrets.bitnami.com/namespace-wide: "true" to make the scope to namespace-wide
  • sealedsecrets.bitnami.com/cluster-wide: "true" to make the scope to cluster-wide
FAQ

Image of Datadog

Master Mobile Monitoring for iOS Apps

Monitor your app’s health with real-time insights into crash-free rates, start times, and more. Optimize performance and prevent user churn by addressing critical issues like app hangs, and ANRs. Learn how to keep your iOS app running smoothly across all devices by downloading this eBook.

Get The eBook

Top comments (0)