I want to run kubectl and get all the secrets of type = X. Is this possible?
I.e if I want to get all secrets where type=tls
something like kubectl get secrets --type=tls
?
To create a Kubernetes secret, apply one of the following methods: Use kubectl for a command-line based approach. Create a configuration file for the secret. Use a generator, such as Kustomize to generate the secret.
Secret API objects reside in a namespace. They can only be referenced by pods in that same namespace. Basically, you will have to create the secret for every namespace.
type: Opaque means that from kubernetes's point of view the contents of this Secret is unstructured, it can contain arbitrary key-value pairs. In contrast, there is the Secret storing ServiceAccount credentials, or the ones used as ImagePullSecret . These have a constrained contents.
How about field-selector:
$ kubectl get secrets --field-selector type=kubernetes.io/tls
You can do it jsonpath
. Something like this:
$ kubectl get secret -o=jsonpath='{range .items[*]}{.metadata.name} {.type}{"\n"}{end}' | grep -i tls
For example, to get all the type Opaque
secrets:
$ kubectl get secret -o=jsonpath='{range .items[*]}{.metadata.name} {.type}{"\n"}{end}' | grep Opaque
dummy-secret Opaque
mysecretdelete Opaque
Update:
Now you can do this with the --field-selector
option in kubectl
:
$ kubectl get secrets --field-selector type=kubernetes.io/tls
$ kubectl get secret --field-selector type=kubernetes.io/service-account-token
The accepted answer certainly works, but I was interested in finding a grep
-less solution. Here's my contribution.
$ kubectl get secret -o=jsonpath='{.items[?(@.type=="Opaque")].metadata.name}'
dummy-secret mysecretdelete
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With