Secret Groups
The following operations can be performed on secret groups managed by the controller in projects inside your organization.
Resource | Create | Get | Update | Delete |
---|---|---|---|---|
Secret Groups | YES | YES | YES | YES |
Create Secret Groups
Use the command below to create a new secret group in the current project with RCTL:
./rctl create secretgroup -f <secretgroup-file.yaml>
(or)
./rctl update secretgroup -f <secretgroup-file.yaml>
An illustrative example of the secret group YAML file is given below:
apiVersion: gitops.k8smgmt.io/v3
kind: SecretGroup
metadata:
  name: new-secret-group
  project: defaultproject
spec:
  secrets:
  - filePath: aws/credentials
    secret: aws-credential
  - filePath: oci/credentials
    secret: oci-credential
Infrastructure Provisioners YAML
To reference secret groups from an Infrastructure Provisioner, list them under spec.config.secretGroups. An illustrative example YAML file is given below:
apiVersion: gitops.k8smgmt.io/v3
kind: InfraProvisioner
metadata:
  name: aws-ip
  project: demo
spec:
  config:
    secretGroups:
    - aws-creds
    version: 0.14.9
  folder:
    name: cred_terraform
  repository: test
  revision: main
  type: Terraform
Pipeline YAML
To reference an Infrastructure Provisioner from a Pipeline, an illustrative example of the pipeline YAML file is given below:
apiVersion: gitops.k8smgmt.io/v3
kind: Pipeline
metadata:
  name: aws-pipeline
  project: demo
spec:
  active: true
  sharing:
    enabled: false
  stages:
  - config:
      action:
        action: Plan
        refresh: true
        secretGroups:
        - aws-creds
      agents:
      - name: demo
      provisioner: aws-ip
      type: Terraform
    name: plan-stage
    type: InfraProvisioner
  triggers:
  - config:
      repo:
        provider: Github
        repository: test
        revision: main
    name: my-trigger
    type: Webhook
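The provisioner and pipeline manifests above refer to a secret group only by name (`aws-creds`), so a typo or a group defined in a different project is easy to miss in review. The following pre-commit style check is an added example, not part of RCTL or the original page. It assumes the manifests are already parsed into dicts, and that a reference must resolve to a `SecretGroup` in the same project; the function names are hypothetical.

```python
"""Added example: flag secretGroups references with no matching SecretGroup."""

def find_refs(node, path=""):
    """Yield (path, name) for every entry under any `secretGroups` key."""
    if isinstance(node, dict):
        for key, value in node.items():
            here = f"{path}.{key}" if path else key
            if key == "secretGroups" and isinstance(value, list):
                for name in value:
                    yield here, name
            else:
                yield from find_refs(value, here)
    elif isinstance(node, list):
        for i, item in enumerate(node):
            yield from find_refs(item, f"{path}[{i}]")

def unresolved_refs(manifests):
    """Return (kind, name, path, ref) for refs not defined in the same project."""
    # Assumption: secret groups are project-scoped, so resolve per project.
    defined = {(m["metadata"]["project"], m["metadata"]["name"])
               for m in manifests if m.get("kind") == "SecretGroup"}
    problems = []
    for m in manifests:
        meta = m["metadata"]
        for path, ref in find_refs(m.get("spec", {}), "spec"):
            if (meta["project"], ref) not in defined:
                problems.append((m["kind"], meta["name"], path, ref))
    return problems

# Constructed sample input: the three manifests from this page as parsed
# dicts (trimmed). With PyYAML installed, real files can be loaded with
# yaml.safe_load_all() instead.
SAMPLE = [
    {"kind": "SecretGroup",
     "metadata": {"name": "new-secret-group", "project": "defaultproject"},
     "spec": {"secrets": [{"filePath": "aws/credentials", "secret": "aws-credential"}]}},
    {"kind": "InfraProvisioner",
     "metadata": {"name": "aws-ip", "project": "demo"},
     "spec": {"config": {"secretGroups": ["aws-creds"], "version": "0.14.9"}}},
    {"kind": "Pipeline",
     "metadata": {"name": "aws-pipeline", "project": "demo"},
     "spec": {"stages": [{"config": {"action": {"action": "Plan",
                                                "secretGroups": ["aws-creds"]}},
                          "name": "plan-stage"}]}},
]

if __name__ == "__main__":
    for kind, name, path, ref in unresolved_refs(SAMPLE):
        print(f"{kind}/{name}: {path} -> '{ref}' has no SecretGroup in its project")
```

A group that already exists on the controller but not in the repository is also reported; names from `./rctl get sg` can be added to the input as extra `SecretGroup` entries to cover that case.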
Get Secret Group(s)
Use this command to retrieve a list of all secret groups:
./rctl get sg
Example of the output:
+-------------------+
| SECRET GROUP NAME |
+-------------------+
| testsecret |
+-------------------+
| sg-1 |
+-------------------+
| test1 |
+-------------------+
| demo-1 |
+-------------------+
Use this command to retrieve a specific secret group:
./rctl get sg <secretgroup-name>
Example of the output:
+-------------------+
| SECRET GROUP NAME |
+-------------------+
| testsecret |
+-------------------+
Delete Secret Group
Use the command below to delete a secret group in the configured project.
./rctl delete sg <secretgroup-name>