Skip to content

Commit

Permalink
updated kubernetes_secrets_to_external_secrets_gcp.sh
Browse files Browse the repository at this point in the history
  • Loading branch information
@HariSekhon
HariSekhon committed Sep 12, 2023
1 parent 3824341 commit 32abb44
Showing 1 changed file with 15 additions and 0 deletions.
15 changes: 15 additions & 0 deletions kubernetes/kubernetes_secrets_to_external_secrets_gcp.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,21 @@ if [ "${namespace:-}" ]; then
fi

for secret in $(kubectl get secrets -o name | sed 's|^secret/||'); do
secret_json="$(kubectl get secret "$secret" -o json)"
secret_type="$(jq -r '.type' <<< "$secret_json")"
if [ "$secret_type" = "kubernetes.io/service-account-token" ]; then
timestamp "Skipping touching service account token secret '$secret' for safety"
echo
continue
fi
if [ "$secret_type" = "kubernetes.io/tls" ]; then
tls_cert_manager_issuer="$(jq -r '.metadata.annotations."cert-manager.io/issuer-name"' <<< "$secret_json")"
if [ -n "$tls_cert_manager_issuer" ]; then
timestamp "Skipping touching tls secret '$secret' because its managed by Cert Manager"
echo
continue
fi
fi
"$srcdir/kubernetes_secret_to_external_secret_gcp.sh" "$secret"
echo
done

0 comments on commit 32abb44

Please sign in to comment.