Revert "Adding commands to get and set encryption configs"
This reverts commit 694067492c
.
Reason for revert: Encryption configs inside airship config are
no longer required. Encrypt feature was implemented different way.
Change-Id: I1c8feec75000402e314e815e4832ce740f0e1254
This commit is contained in:
parent
2351051ffd
commit
e4436ca36d
@ -39,9 +39,6 @@ func NewConfigCommand(cfgFactory config.Factory) *cobra.Command {
|
||||
configRootCmd.AddCommand(NewGetManifestCommand(cfgFactory))
|
||||
configRootCmd.AddCommand(NewSetManifestCommand(cfgFactory))
|
||||
|
||||
configRootCmd.AddCommand(NewGetEncryptionConfigCommand(cfgFactory))
|
||||
configRootCmd.AddCommand(NewSetEncryptionConfigCommand(cfgFactory))
|
||||
|
||||
// Init will have different factory
|
||||
configRootCmd.AddCommand(NewInitCommand())
|
||||
return configRootCmd
|
||||
|
@ -1,76 +0,0 @@
|
||||
/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
https://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
package config
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
|
||||
"github.com/spf13/cobra"
|
||||
|
||||
"opendev.org/airship/airshipctl/pkg/config"
|
||||
)
|
||||
|
||||
const (
|
||||
getEncryptionConfigsLong = `
|
||||
Display a specific encryption config information, or all defined encryption configs if no name is provided.
|
||||
`
|
||||
|
||||
getEncryptionConfigsExample = `
|
||||
# List all the encryption configs airshipctl knows about
|
||||
airshipctl config get-encryption-configs
|
||||
|
||||
# Display a specific encryption config
|
||||
airshipctl config get-encryption-config exampleConfig
|
||||
`
|
||||
)
|
||||
|
||||
// NewGetEncryptionConfigCommand creates a command that enables printing an encryption configuration to stdout.
|
||||
func NewGetEncryptionConfigCommand(cfgFactory config.Factory) *cobra.Command {
|
||||
cmd := &cobra.Command{
|
||||
Use: "get-encryption-config NAME",
|
||||
Short: "Get an encryption config information from the airshipctl config",
|
||||
Long: getEncryptionConfigsLong[1:],
|
||||
Example: getEncryptionConfigsExample,
|
||||
Args: cobra.MaximumNArgs(1),
|
||||
Aliases: []string{"get-encryption-configs"},
|
||||
RunE: func(cmd *cobra.Command, args []string) error {
|
||||
airconfig, err := cfgFactory()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if len(args) == 1 {
|
||||
name := args[0]
|
||||
encryptionConfig, exists := airconfig.EncryptionConfigs[name]
|
||||
if !exists {
|
||||
return config.ErrEncryptionConfigurationNotFound{
|
||||
Name: fmt.Sprintf("Encryption Config with name '%s'", name),
|
||||
}
|
||||
}
|
||||
fmt.Fprintln(cmd.OutOrStdout(), encryptionConfig)
|
||||
} else {
|
||||
encryptionConfigs := airconfig.GetEncryptionConfigs()
|
||||
if len(encryptionConfigs) == 0 {
|
||||
fmt.Fprintln(cmd.OutOrStdout(), "No Encryption Config found in the configuration.")
|
||||
}
|
||||
for _, encryptionConfig := range encryptionConfigs {
|
||||
fmt.Fprintln(cmd.OutOrStdout(), encryptionConfig)
|
||||
}
|
||||
}
|
||||
return nil
|
||||
},
|
||||
}
|
||||
|
||||
return cmd
|
||||
}
|
@ -1,65 +0,0 @@
|
||||
/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
package config_test
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
cmd "opendev.org/airship/airshipctl/cmd/config"
|
||||
"opendev.org/airship/airshipctl/pkg/config"
|
||||
"opendev.org/airship/airshipctl/testutil"
|
||||
)
|
||||
|
||||
func TestGetEncryptionConfigCmd(t *testing.T) {
|
||||
settings := func() (*config.Config, error) {
|
||||
return &config.Config{
|
||||
EncryptionConfigs: map[string]*config.EncryptionConfig{
|
||||
config.AirshipDefaultContext: testutil.DummyEncryptionConfig(),
|
||||
},
|
||||
}, nil
|
||||
}
|
||||
|
||||
emptySettings := func() (*config.Config, error) {
|
||||
return &config.Config{}, nil
|
||||
}
|
||||
|
||||
cmdTests := []*testutil.CmdTest{
|
||||
{
|
||||
Name: "get-encryption-config-with-help",
|
||||
CmdLine: "--help",
|
||||
Cmd: cmd.NewGetEncryptionConfigCommand(nil),
|
||||
},
|
||||
{
|
||||
Name: "get-encryption-config-not-found",
|
||||
CmdLine: "foo",
|
||||
Cmd: cmd.NewGetEncryptionConfigCommand(emptySettings),
|
||||
Error: config.ErrEncryptionConfigurationNotFound{Name: "Encryption Config with name 'foo'"},
|
||||
},
|
||||
{
|
||||
Name: "get-encryption-config-all",
|
||||
CmdLine: "",
|
||||
Cmd: cmd.NewGetEncryptionConfigCommand(settings),
|
||||
},
|
||||
{
|
||||
Name: "get-empty-encryption-config",
|
||||
CmdLine: config.AirshipDefaultContext,
|
||||
Cmd: cmd.NewGetEncryptionConfigCommand(settings),
|
||||
},
|
||||
}
|
||||
|
||||
for _, tt := range cmdTests {
|
||||
testutil.RunTest(t, tt)
|
||||
}
|
||||
}
|
@ -31,7 +31,6 @@ Create or modify a context in the airshipctl config files.
|
||||
# Create a new context named "exampleContext"
|
||||
airshipctl config set-context exampleContext \
|
||||
--manifest=exampleManifest \
|
||||
--encryption-config=exampleEncryptionConfig
|
||||
|
||||
# Update the manifest of the current-context
|
||||
airshipctl config set-context \
|
||||
@ -92,12 +91,6 @@ func addSetContextFlags(o *config.ContextOptions, cmd *cobra.Command) {
|
||||
"",
|
||||
"set the manifest for the specified context")
|
||||
|
||||
flags.StringVar(
|
||||
&o.EncryptionConfig,
|
||||
"encryption-config",
|
||||
"",
|
||||
"set the encryption config for the specified context")
|
||||
|
||||
flags.BoolVar(
|
||||
&o.Current,
|
||||
"current",
|
||||
|
@ -28,7 +28,6 @@ import (
|
||||
)
|
||||
|
||||
const (
|
||||
testEncryptionConfig = "test_encryption_config"
|
||||
defaultManifest = "edge_cloud"
|
||||
testManifest = "test_manifest"
|
||||
)
|
||||
@ -75,18 +74,15 @@ func TestSetContext(t *testing.T) {
|
||||
flags []string
|
||||
givenConfig *config.Config
|
||||
manifest string
|
||||
encryptionConfig string
|
||||
}{
|
||||
{
|
||||
testName: "set-context",
|
||||
contextName: "dummycontext",
|
||||
flags: []string{
|
||||
"--manifest=" + defaultManifest,
|
||||
"--encryption-config=" + testEncryptionConfig,
|
||||
},
|
||||
givenConfig: given,
|
||||
manifest: defaultManifest,
|
||||
encryptionConfig: testEncryptionConfig,
|
||||
},
|
||||
{
|
||||
testName: "set-current-context",
|
||||
@ -103,15 +99,6 @@ func TestSetContext(t *testing.T) {
|
||||
givenConfig: given,
|
||||
manifest: testManifest,
|
||||
},
|
||||
{
|
||||
testName: "modify-context",
|
||||
contextName: "def_target",
|
||||
flags: []string{
|
||||
"--encryption-config=" + testEncryptionConfig,
|
||||
},
|
||||
givenConfig: given,
|
||||
encryptionConfig: testEncryptionConfig,
|
||||
},
|
||||
}
|
||||
|
||||
for _, tt := range tests {
|
||||
|
@ -1,104 +0,0 @@
|
||||
/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
package config
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
|
||||
"github.com/spf13/cobra"
|
||||
|
||||
"opendev.org/airship/airshipctl/pkg/config"
|
||||
)
|
||||
|
||||
const (
|
||||
setEncryptionConfigLong = `
|
||||
Create or modify an encryption config in the airshipctl config file.
|
||||
|
||||
Encryption configs are local files or kubernetes secrets that are used to encrypt and decrypt kubernetes objects
|
||||
`
|
||||
|
||||
setEncryptionConfigExample = `
|
||||
# Create an encryption config with local gpg key source
|
||||
airshipctl config set-encryption-config exampleConfig \
|
||||
--encryption-key path-to-encryption-key \
|
||||
--decryption-key path-to-encryption-key
|
||||
|
||||
# Create an encryption config with kube api server secret as the store to store encryption keys
|
||||
airshipctl config set-encryption-config exampleConfig \
|
||||
--secret-name secretName \
|
||||
--secret-namespace secretNamespace
|
||||
`
|
||||
)
|
||||
|
||||
// NewSetEncryptionConfigCommand creates a command for creating and modifying encryption
|
||||
// configs in the airshipctl config file.
|
||||
func NewSetEncryptionConfigCommand(cfgFactory config.Factory) *cobra.Command {
|
||||
o := &config.EncryptionConfigOptions{}
|
||||
cmd := &cobra.Command{
|
||||
Use: "set-encryption-config NAME",
|
||||
Short: "Manage encryption configs in airship config",
|
||||
Long: setEncryptionConfigLong[1:],
|
||||
Example: setEncryptionConfigExample,
|
||||
Args: cobra.ExactArgs(1),
|
||||
RunE: func(cmd *cobra.Command, args []string) error {
|
||||
cfg, err := cfgFactory()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
o.Name = args[0]
|
||||
modified, err := config.RunSetEncryptionConfig(o, cfg, true)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if modified {
|
||||
fmt.Fprintf(cmd.OutOrStdout(), "Encryption Config %q modified.\n", o.Name)
|
||||
} else {
|
||||
fmt.Fprintf(cmd.OutOrStdout(), "Encryption Config %q created.\n", o.Name)
|
||||
}
|
||||
return nil
|
||||
},
|
||||
}
|
||||
|
||||
addSetEncryptionConfigFlags(o, cmd)
|
||||
return cmd
|
||||
}
|
||||
|
||||
func addSetEncryptionConfigFlags(o *config.EncryptionConfigOptions, cmd *cobra.Command) {
|
||||
flags := cmd.Flags()
|
||||
|
||||
flags.StringVar(
|
||||
&o.EncryptionKeyPath,
|
||||
"encryption-key-path",
|
||||
"",
|
||||
"the path to the encryption key file")
|
||||
|
||||
flags.StringVar(
|
||||
&o.DecryptionKeyPath,
|
||||
"decryption-key-path",
|
||||
"",
|
||||
"the path to the decryption key file")
|
||||
|
||||
flags.StringVar(
|
||||
&o.KeySecretName,
|
||||
"secret-name",
|
||||
"",
|
||||
"name of the secret consisting of the encryption and decryption keys")
|
||||
|
||||
flags.StringVar(
|
||||
&o.KeySecretNamespace,
|
||||
"secret-namespace",
|
||||
"",
|
||||
"namespace of the secret consisting of the encryption and decryption keys")
|
||||
}
|
@ -1,179 +0,0 @@
|
||||
/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
package config
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
"opendev.org/airship/airshipctl/pkg/config"
|
||||
"opendev.org/airship/airshipctl/testutil"
|
||||
)
|
||||
|
||||
const (
|
||||
encryptionConfigName = "encryptionConfig"
|
||||
secretName = "secretName"
|
||||
secretNamespace = "secretNamespace"
|
||||
encryptionKeyFilePath = "/tmp/encryption.key"
|
||||
decryptionKeyFilePath = "/tmp/decryption.pub"
|
||||
)
|
||||
|
||||
func TestConfigSetEncryptionConfigurationCmd(t *testing.T) {
|
||||
cmdTests := []*testutil.CmdTest{
|
||||
{
|
||||
Name: "config-cmd-set-encryption-config-with-help",
|
||||
CmdLine: "--help",
|
||||
Cmd: NewSetEncryptionConfigCommand(nil),
|
||||
},
|
||||
{
|
||||
Name: "config-cmd-set-encryption-config-no-args",
|
||||
CmdLine: "",
|
||||
Cmd: NewSetEncryptionConfigCommand(nil),
|
||||
Error: fmt.Errorf("accepts %d arg(s), received %d", 1, 0),
|
||||
},
|
||||
{
|
||||
Name: "config-cmd-set-encryption-config-excess-args",
|
||||
CmdLine: "arg1 arg2",
|
||||
Cmd: NewSetEncryptionConfigCommand(nil),
|
||||
Error: fmt.Errorf("accepts %d arg(s), received %d", 1, 2),
|
||||
},
|
||||
}
|
||||
|
||||
for _, tt := range cmdTests {
|
||||
testutil.RunTest(t, tt)
|
||||
}
|
||||
}
|
||||
|
||||
func TestSetEncryptionConfig(t *testing.T) {
|
||||
given, cleanupGiven := testutil.InitConfig(t)
|
||||
defer cleanupGiven(t)
|
||||
|
||||
tests := []struct {
|
||||
testName string
|
||||
encryptionConfigName string
|
||||
flags []string
|
||||
inputConfig *config.Config
|
||||
secretName string
|
||||
secretNamespace string
|
||||
encryptionKeyFilePath string
|
||||
decryptionKeyFilePath string
|
||||
error error
|
||||
}{
|
||||
{
|
||||
testName: "set-encryption-config-error-no-encryption",
|
||||
encryptionKeyFilePath: encryptionKeyFilePath,
|
||||
decryptionKeyFilePath: decryptionKeyFilePath,
|
||||
encryptionConfigName: encryptionConfigName,
|
||||
flags: []string{
|
||||
"--decryption-key-path " + decryptionKeyFilePath,
|
||||
},
|
||||
error: fmt.Errorf("specify both encryption " +
|
||||
"and decryption keys when setting encryption config"),
|
||||
inputConfig: given,
|
||||
},
|
||||
{
|
||||
testName: "set-encryption-config-error-no-decryption",
|
||||
flags: []string{
|
||||
"--encryption-key-path " + encryptionKeyFilePath,
|
||||
},
|
||||
error: fmt.Errorf("you must specify both encryption " +
|
||||
"and decryption keys when setting encryption config"),
|
||||
encryptionConfigName: encryptionConfigName,
|
||||
encryptionKeyFilePath: encryptionKeyFilePath,
|
||||
decryptionKeyFilePath: decryptionKeyFilePath,
|
||||
},
|
||||
{
|
||||
testName: "set-encryption-config-error-no-options",
|
||||
encryptionConfigName: encryptionConfigName,
|
||||
error: fmt.Errorf("you must specify both encryption " +
|
||||
"and decryption keys when setting encryption config"),
|
||||
inputConfig: given,
|
||||
},
|
||||
{
|
||||
testName: "set-encryption-config",
|
||||
encryptionConfigName: encryptionConfigName,
|
||||
encryptionKeyFilePath: encryptionKeyFilePath,
|
||||
decryptionKeyFilePath: decryptionKeyFilePath,
|
||||
flags: []string{
|
||||
"--decryption-key-path " + decryptionKeyFilePath,
|
||||
"--encryption-key-path " + encryptionKeyFilePath,
|
||||
},
|
||||
inputConfig: given,
|
||||
},
|
||||
{
|
||||
testName: "set-encryption-config-error-no-namespace",
|
||||
encryptionConfigName: encryptionConfigName,
|
||||
flags: []string{
|
||||
"--secret-name " + secretName,
|
||||
},
|
||||
error: fmt.Errorf("you must specify both secret name and namespace" +
|
||||
" when setting encryption config"),
|
||||
},
|
||||
{
|
||||
testName: "set-encryption-config-error-no-secret-name",
|
||||
encryptionConfigName: encryptionConfigName,
|
||||
flags: []string{
|
||||
"--secret-namespace " + secretNamespace,
|
||||
},
|
||||
error: fmt.Errorf("you must specify both secret name and namespace" +
|
||||
" when setting encryption config"),
|
||||
},
|
||||
{
|
||||
testName: "set-encryption-config",
|
||||
encryptionConfigName: encryptionConfigName,
|
||||
secretName: secretName,
|
||||
secretNamespace: secretNamespace,
|
||||
encryptionKeyFilePath: encryptionKeyFilePath,
|
||||
decryptionKeyFilePath: decryptionKeyFilePath,
|
||||
flags: []string{
|
||||
"--secret-name " + secretName,
|
||||
"--secret-namespace " + secretNamespace,
|
||||
},
|
||||
inputConfig: given,
|
||||
},
|
||||
}
|
||||
|
||||
for _, tt := range tests {
|
||||
settings := func() (*config.Config, error) {
|
||||
return tt.inputConfig, nil
|
||||
}
|
||||
|
||||
cmd := &testutil.CmdTest{
|
||||
Name: tt.testName,
|
||||
CmdLine: fmt.Sprintf("%s %s", tt.encryptionConfigName, strings.Join(tt.flags, " ")),
|
||||
Error: tt.error,
|
||||
Cmd: NewSetEncryptionConfigCommand(settings),
|
||||
}
|
||||
|
||||
testutil.RunTest(t, cmd)
|
||||
|
||||
if cmd.Error != nil {
|
||||
return
|
||||
}
|
||||
|
||||
afterRunConf := tt.inputConfig
|
||||
// Find the Encryption Config Created or Modified
|
||||
afterRunEncryptionConfig, _ := afterRunConf.EncryptionConfigs[tt.encryptionConfigName]
|
||||
require.NotNil(t, afterRunEncryptionConfig)
|
||||
assert.EqualValues(t, afterRunEncryptionConfig.KeySecretName, tt.secretName)
|
||||
assert.EqualValues(t, afterRunEncryptionConfig.KeySecretNamespace, tt.secretNamespace)
|
||||
assert.EqualValues(t, afterRunEncryptionConfig.EncryptionKeyPath, tt.encryptionKeyFilePath)
|
||||
assert.EqualValues(t, afterRunEncryptionConfig.DecryptionKeyPath, tt.decryptionKeyFilePath)
|
||||
}
|
||||
}
|
@ -5,13 +5,11 @@ Usage:
|
||||
|
||||
Available Commands:
|
||||
get-context Get context information from the airshipctl config
|
||||
get-encryption-config Get an encryption config information from the airshipctl config
|
||||
get-management-config View a management config or all management configs defined in the airshipctl config
|
||||
get-manifest Get a manifest information from the airshipctl config
|
||||
help Help about any command
|
||||
init Generate initial configuration file for airshipctl
|
||||
set-context Manage contexts
|
||||
set-encryption-config Manage encryption configs in airship config
|
||||
set-management-config Modify an out-of-band management configuration
|
||||
set-manifest Manage manifests in airship config
|
||||
use-context Switch to a different context
|
||||
|
@ -7,7 +7,6 @@ Examples:
|
||||
# Create a new context named "exampleContext"
|
||||
airshipctl config set-context exampleContext \
|
||||
--manifest=exampleManifest \
|
||||
--encryption-config=exampleEncryptionConfig
|
||||
|
||||
# Update the manifest of the current-context
|
||||
airshipctl config set-context \
|
||||
@ -17,7 +16,6 @@ airshipctl config set-context \
|
||||
|
||||
Flags:
|
||||
--current update the current context
|
||||
--encryption-config string set the encryption config for the specified context
|
||||
-h, --help help for set-context
|
||||
--manifest string set the manifest for the specified context
|
||||
|
||||
|
@ -8,7 +8,6 @@ Examples:
|
||||
# Create a new context named "exampleContext"
|
||||
airshipctl config set-context exampleContext \
|
||||
--manifest=exampleManifest \
|
||||
--encryption-config=exampleEncryptionConfig
|
||||
|
||||
# Update the manifest of the current-context
|
||||
airshipctl config set-context \
|
||||
@ -18,6 +17,5 @@ airshipctl config set-context \
|
||||
|
||||
Flags:
|
||||
--current update the current context
|
||||
--encryption-config string set the encryption config for the specified context
|
||||
-h, --help help for set-context
|
||||
--manifest string set the manifest for the specified context
|
||||
|
@ -1,24 +0,0 @@
|
||||
Error: accepts 1 arg(s), received 2
|
||||
Usage:
|
||||
set-encryption-config NAME [flags]
|
||||
|
||||
Examples:
|
||||
|
||||
# Create an encryption config with local gpg key source
|
||||
airshipctl config set-encryption-config exampleConfig \
|
||||
--encryption-key path-to-encryption-key \
|
||||
--decryption-key path-to-encryption-key
|
||||
|
||||
# Create an encryption config with kube api server secret as the store to store encryption keys
|
||||
airshipctl config set-encryption-config exampleConfig \
|
||||
--secret-name secretName \
|
||||
--secret-namespace secretNamespace
|
||||
|
||||
|
||||
Flags:
|
||||
--decryption-key-path string the path to the decryption key file
|
||||
--encryption-key-path string the path to the encryption key file
|
||||
-h, --help help for set-encryption-config
|
||||
--secret-name string name of the secret consisting of the encryption and decryption keys
|
||||
--secret-namespace string namespace of the secret consisting of the encryption and decryption keys
|
||||
|
@ -1,24 +0,0 @@
|
||||
Error: accepts 1 arg(s), received 0
|
||||
Usage:
|
||||
set-encryption-config NAME [flags]
|
||||
|
||||
Examples:
|
||||
|
||||
# Create an encryption config with local gpg key source
|
||||
airshipctl config set-encryption-config exampleConfig \
|
||||
--encryption-key path-to-encryption-key \
|
||||
--decryption-key path-to-encryption-key
|
||||
|
||||
# Create an encryption config with kube api server secret as the store to store encryption keys
|
||||
airshipctl config set-encryption-config exampleConfig \
|
||||
--secret-name secretName \
|
||||
--secret-namespace secretNamespace
|
||||
|
||||
|
||||
Flags:
|
||||
--decryption-key-path string the path to the decryption key file
|
||||
--encryption-key-path string the path to the encryption key file
|
||||
-h, --help help for set-encryption-config
|
||||
--secret-name string name of the secret consisting of the encryption and decryption keys
|
||||
--secret-namespace string namespace of the secret consisting of the encryption and decryption keys
|
||||
|
@ -1,26 +0,0 @@
|
||||
Create or modify an encryption config in the airshipctl config file.
|
||||
|
||||
Encryption configs are local files or kubernetes secrets that are used to encrypt and decrypt kubernetes objects
|
||||
|
||||
Usage:
|
||||
set-encryption-config NAME [flags]
|
||||
|
||||
Examples:
|
||||
|
||||
# Create an encryption config with local gpg key source
|
||||
airshipctl config set-encryption-config exampleConfig \
|
||||
--encryption-key path-to-encryption-key \
|
||||
--decryption-key path-to-encryption-key
|
||||
|
||||
# Create an encryption config with kube api server secret as the store to store encryption keys
|
||||
airshipctl config set-encryption-config exampleConfig \
|
||||
--secret-name secretName \
|
||||
--secret-namespace secretNamespace
|
||||
|
||||
|
||||
Flags:
|
||||
--decryption-key-path string the path to the decryption key file
|
||||
--encryption-key-path string the path to the encryption key file
|
||||
-h, --help help for set-encryption-config
|
||||
--secret-name string name of the secret consisting of the encryption and decryption keys
|
||||
--secret-namespace string namespace of the secret consisting of the encryption and decryption keys
|
@ -1,3 +0,0 @@
|
||||
decryptionKeyPath: /tmp/decryption.pub
|
||||
encryptionKeyPath: /tmp/encryption.key
|
||||
|
@ -1,3 +0,0 @@
|
||||
decryptionKeyPath: /tmp/decryption.pub
|
||||
encryptionKeyPath: /tmp/encryption.key
|
||||
|
@ -1,19 +0,0 @@
|
||||
Error: Unknown encryption configuration 'Encryption Config with name 'foo''.
|
||||
Usage:
|
||||
get-encryption-config NAME [flags]
|
||||
|
||||
Aliases:
|
||||
get-encryption-config, get-encryption-configs
|
||||
|
||||
Examples:
|
||||
|
||||
# List all the encryption configs airshipctl knows about
|
||||
airshipctl config get-encryption-configs
|
||||
|
||||
# Display a specific encryption config
|
||||
airshipctl config get-encryption-config exampleConfig
|
||||
|
||||
|
||||
Flags:
|
||||
-h, --help help for get-encryption-config
|
||||
|
@ -1,19 +0,0 @@
|
||||
Display a specific encryption config information, or all defined encryption configs if no name is provided.
|
||||
|
||||
Usage:
|
||||
get-encryption-config NAME [flags]
|
||||
|
||||
Aliases:
|
||||
get-encryption-config, get-encryption-configs
|
||||
|
||||
Examples:
|
||||
|
||||
# List all the encryption configs airshipctl knows about
|
||||
airshipctl config get-encryption-configs
|
||||
|
||||
# Display a specific encryption config
|
||||
airshipctl config get-encryption-config exampleConfig
|
||||
|
||||
|
||||
Flags:
|
||||
-h, --help help for get-encryption-config
|
@ -1,24 +0,0 @@
|
||||
Error: specify both encryption and decryption keys when setting encryption config
|
||||
Usage:
|
||||
set-encryption-config NAME [flags]
|
||||
|
||||
Examples:
|
||||
|
||||
# Create an encryption config with local gpg key source
|
||||
airshipctl config set-encryption-config exampleConfig \
|
||||
--encryption-key path-to-encryption-key \
|
||||
--decryption-key path-to-encryption-key
|
||||
|
||||
# Create an encryption config with kube api server secret as the store to store encryption keys
|
||||
airshipctl config set-encryption-config exampleConfig \
|
||||
--secret-name secretName \
|
||||
--secret-namespace secretNamespace
|
||||
|
||||
|
||||
Flags:
|
||||
--decryption-key-path string the path to the decryption key file
|
||||
--encryption-key-path string the path to the encryption key file
|
||||
-h, --help help for set-encryption-config
|
||||
--secret-name string name of the secret consisting of the encryption and decryption keys
|
||||
--secret-namespace string namespace of the secret consisting of the encryption and decryption keys
|
||||
|
@ -23,12 +23,10 @@ Manage the airshipctl config file
|
||||
|
||||
* [airshipctl](airshipctl.md) - A unified entrypoint to various airship components
|
||||
* [airshipctl config get-context](airshipctl_config_get-context.md) - Get context information from the airshipctl config
|
||||
* [airshipctl config get-encryption-config](airshipctl_config_get-encryption-config.md) - Get an encryption config information from the airshipctl config
|
||||
* [airshipctl config get-management-config](airshipctl_config_get-management-config.md) - View a management config or all management configs defined in the airshipctl config
|
||||
* [airshipctl config get-manifest](airshipctl_config_get-manifest.md) - Get a manifest information from the airshipctl config
|
||||
* [airshipctl config init](airshipctl_config_init.md) - Generate initial configuration file for airshipctl
|
||||
* [airshipctl config set-context](airshipctl_config_set-context.md) - Manage contexts
|
||||
* [airshipctl config set-encryption-config](airshipctl_config_set-encryption-config.md) - Manage encryption configs in airship config
|
||||
* [airshipctl config set-management-config](airshipctl_config_set-management-config.md) - Modify an out-of-band management configuration
|
||||
* [airshipctl config set-manifest](airshipctl_config_set-manifest.md) - Manage manifests in airship config
|
||||
* [airshipctl config use-context](airshipctl_config_use-context.md) - Switch to a different context
|
||||
|
@ -1,42 +0,0 @@
|
||||
## airshipctl config get-encryption-config
|
||||
|
||||
Get an encryption config information from the airshipctl config
|
||||
|
||||
### Synopsis
|
||||
|
||||
Display a specific encryption config information, or all defined encryption configs if no name is provided.
|
||||
|
||||
|
||||
```
|
||||
airshipctl config get-encryption-config NAME [flags]
|
||||
```
|
||||
|
||||
### Examples
|
||||
|
||||
```
|
||||
|
||||
# List all the encryption configs airshipctl knows about
|
||||
airshipctl config get-encryption-configs
|
||||
|
||||
# Display a specific encryption config
|
||||
airshipctl config get-encryption-config exampleConfig
|
||||
|
||||
```
|
||||
|
||||
### Options
|
||||
|
||||
```
|
||||
-h, --help help for get-encryption-config
|
||||
```
|
||||
|
||||
### Options inherited from parent commands
|
||||
|
||||
```
|
||||
--airshipconf string Path to file for airshipctl configuration. (default "$HOME/.airship/config")
|
||||
--debug enable verbose output
|
||||
```
|
||||
|
||||
### SEE ALSO
|
||||
|
||||
* [airshipctl config](airshipctl_config.md) - Manage the airshipctl config file
|
||||
|
@ -18,7 +18,6 @@ airshipctl config set-context NAME [flags]
|
||||
# Create a new context named "exampleContext"
|
||||
airshipctl config set-context exampleContext \
|
||||
--manifest=exampleManifest \
|
||||
--encryption-config=exampleEncryptionConfig
|
||||
|
||||
# Update the manifest of the current-context
|
||||
airshipctl config set-context \
|
||||
@ -31,7 +30,6 @@ airshipctl config set-context \
|
||||
|
||||
```
|
||||
--current update the current context
|
||||
--encryption-config string set the encryption config for the specified context
|
||||
-h, --help help for set-context
|
||||
--manifest string set the manifest for the specified context
|
||||
```
|
||||
|
@ -1,52 +0,0 @@
|
||||
## airshipctl config set-encryption-config
|
||||
|
||||
Manage encryption configs in airship config
|
||||
|
||||
### Synopsis
|
||||
|
||||
Create or modify an encryption config in the airshipctl config file.
|
||||
|
||||
Encryption configs are local files or kubernetes secrets that are used to encrypt and decrypt kubernetes objects
|
||||
|
||||
|
||||
```
|
||||
airshipctl config set-encryption-config NAME [flags]
|
||||
```
|
||||
|
||||
### Examples
|
||||
|
||||
```
|
||||
|
||||
# Create an encryption config with local gpg key source
|
||||
airshipctl config set-encryption-config exampleConfig \
|
||||
--encryption-key path-to-encryption-key \
|
||||
--decryption-key path-to-encryption-key
|
||||
|
||||
# Create an encryption config with kube api server secret as the store to store encryption keys
|
||||
airshipctl config set-encryption-config exampleConfig \
|
||||
--secret-name secretName \
|
||||
--secret-namespace secretNamespace
|
||||
|
||||
```
|
||||
|
||||
### Options
|
||||
|
||||
```
|
||||
--decryption-key-path string the path to the decryption key file
|
||||
--encryption-key-path string the path to the encryption key file
|
||||
-h, --help help for set-encryption-config
|
||||
--secret-name string name of the secret consisting of the encryption and decryption keys
|
||||
--secret-namespace string namespace of the secret consisting of the encryption and decryption keys
|
||||
```
|
||||
|
||||
### Options inherited from parent commands
|
||||
|
||||
```
|
||||
--airshipconf string Path to file for airshipctl configuration. (default "$HOME/.airship/config")
|
||||
--debug enable verbose output
|
||||
```
|
||||
|
||||
### SEE ALSO
|
||||
|
||||
* [airshipctl config](airshipctl_config.md) - Manage the airshipctl config file
|
||||
|
@ -28,5 +28,5 @@ such as getting list and applying specific one.
|
||||
* [airshipctl phase render](airshipctl_phase_render.md) - Render phase documents from model
|
||||
* [airshipctl phase run](airshipctl_phase_run.md) - Run phase
|
||||
* [airshipctl phase tree](airshipctl_phase_tree.md) - Tree view of kustomize entrypoints of phase
|
||||
* [airshipctl phase validate](airshipctl_phase_validate.md) - Validate phase
|
||||
* [airshipctl phase validate](airshipctl_phase_validate.md) - Assert that a phase is valid
|
||||
|
||||
|
@ -4,7 +4,8 @@ Assert that a phase is valid
|
||||
|
||||
### Synopsis
|
||||
|
||||
Command which would validate that the phase contains the required documents to run the phase
|
||||
Command which would validate that the phase contains the required documents to run the phase.
|
||||
|
||||
|
||||
```
|
||||
airshipctl phase validate PHASE_NAME [flags]
|
||||
@ -22,7 +23,7 @@ airshipctl phase validate initinfra
|
||||
### Options
|
||||
|
||||
```
|
||||
-h, --help help for run
|
||||
-h, --help help for validate
|
||||
```
|
||||
|
||||
### Options inherited from parent commands
|
||||
|
Loading…
Reference in New Issue
Block a user