initial commit

OutdatedVersion · OutdatedVersion · commit 564b87738840 · 2020-11-01T20:41:36.000-06:00
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1 @@
+/target
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -0,0 +1,13 @@
+[package]
+name = "kubesecret"
+version = "0.1.0"
+authors = ["Ben Watkins <ben@outdatedversion.com>"]
+edition = "2018"
+"description" = "Utility to quickly view Kubernetes secrets"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+json = "0.12.4"
+base64 = "0.13.0"
+clap = "2.33.3"
diff --git a/README.md b/README.md
@@ -0,0 +1,8 @@
+# kubesecret
+
+View decoded Kubernetes secrets quickly.
+
+## Wish List
+
+- More comprehensive secret type support
+- Support defined namespaces
diff --git a/rustfmt.toml b/rustfmt.toml
@@ -0,0 +1 @@
+tab_spaces = 2
diff --git a/src/kube.rs b/src/kube.rs
@@ -0,0 +1,10 @@
+use std::process::Command;
+
+pub fn get_secret(secret_name: &str) -> String {
+    let cmd = Command::new("kubectl")
+    .args(&["get", "secret", &secret_name, "-o", "json"])
+    .output()
+    .expect("Could not run kubectl");
+
+  return String::from_utf8_lossy(&cmd.stdout).into_owned();
+}
diff --git a/src/lib.rs b/src/lib.rs
@@ -0,0 +1,32 @@
+#[macro_use]
+extern crate clap;
+
+use clap::{App, Arg, ArgMatches};
+
+pub mod kube;
+
+pub fn read_args() -> ArgMatches<'static> {
+  App::new(crate_name!())
+    .version(crate_version!())
+    .about(crate_description!())
+    .arg(
+      Arg::with_name("secretName")
+        .short("s")
+        .long("secret")
+        .value_name("secret name")
+        .help("Name of the Kubernetes secret")
+        .takes_value(true)
+        .required(true)
+        .index(1),
+    )
+    .arg(
+      Arg::with_name("secretKey")
+        .value_name("secret key")
+        .help("Key within the secret to get")
+        .required(false)
+        .multiple(true)
+        .takes_value(true)
+        .index(2),
+    )
+    .get_matches()
+}
diff --git a/src/main.rs b/src/main.rs
@@ -0,0 +1,46 @@
+extern crate base64;
+extern crate json;
+
+fn main() {
+  let args = kubesecret::read_args();
+  let secret_name = args.value_of("secretName").unwrap();
+
+  let cmd_output = kubesecret::kube::get_secret(secret_name);
+  
+  if cmd_output == "" {
+    eprintln!("No such secret '{}'", secret_name);
+    std::process::exit(1);
+  }
+
+  let parsed_json = json::parse(&cmd_output).unwrap();
+  let secret_data = &parsed_json["data"];
+
+  if args.is_present("secretKey") {
+    let secret_key = args
+      .values_of("secretKey")
+      .unwrap()
+      .map(|k| k.to_ascii_uppercase())
+      .collect::<Vec<String>>()
+      .join("_");
+
+    if !secret_data.has_key(&secret_key) {
+      eprintln!("Secret ({}) does not have '{}'", secret_name, secret_key);
+      std::process::exit(1);
+    }
+
+    print!("{}", b64_encoded_json_value_to_string(&secret_data[secret_key]));
+    std::process::exit(0);
+  }
+
+  for entry in secret_data.entries() {
+    let value = b64_encoded_json_value_to_string(entry.1);
+    print!("{}: {}", entry.0, value);
+  }
+}
+
+fn b64_encoded_json_value_to_string(json: &json::JsonValue) -> String {
+  let base64_encoded_value = json.as_str().expect("test");
+  let decoded_value = base64::decode(base64_encoded_value).unwrap();
+
+  return String::from_utf8_lossy(&decoded_value).into_owned();
+}
