Secret

Figure 1. Handling Secret with SOPS Installation using homebrew brew install sops manual download download from GitHub https://github.com/getsops/sops/releases Using SOPS Create a sops.yaml sops.yaml creation_rules: # encrypt stuff in .secrets - aws_profile: default kms: arn:aws:kms:eu-central-1:1234567890:key/abcdefg-0123456-abcdefg (1) path_regex: ^./secrets/.*$ (2) 1 We are using AWS KMS for encryption/decryption 2 All files in the directory .secrets will be encrypted Inplace Encrypt sops -e -i .secrets/mysecret.yaml Inplace Decrypt sops -d -i .secrets/mysecret.yaml ...

Fetch and Decode Secret You need to have jq installed to use this snippet! kubectl --context=my-context -n my-namespace get secret my-secret-name -o json | jq '.data | map_values(@base64d)' Rerun existing completed Job kubectl replace deletes the old job, if there is any error, your job definition is lost, don’t forget to save it first! Replace an existing Job with itself kubectl get job JOBNAME -o yaml | kubectl replace --force -f - ...