Kubernetes: modify a secret using kubectl?

Question

How can I modify the values in a Kubernetes secret using kubectl?

I created the secret with kubernetes create secret generic, but there does not seem to be a way to modify a secret. For example, to add a new secret-value to it, or to change a secret-value in it.

I assume i can go 'low-level', and write the yaml-file and do a kubectl edit but I hope there is a simpler way.

(I'm using kubernetes 1.2.x)

Answer 1

The most direct (and interactive) way should be to execute kubectl edit secret <my secret>. Run kubectl get secrets if you'd like to see the list of secrets managed by Kubernetes.

Answer 2

In case you prefer a non-interactive update, this is one way of doing it:

kubectl get secret mysecret -o json | jq '.data["foo"]="YmFy"' | kubectl apply -f - 

Note that YmFy is a base64-encoded bar string. If you want to pass the value as an argument, jq allows you to do that:

kubectl get secret mysecret -o json | jq --arg foo "$(echo bar | base64)" '.data["foo"]=$foo' | kubectl apply -f - 

I'm more comfortable using jq but yq should also do the job if you prefer yaml format.