You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hey all, I need help understanding what the outcome of this scenario would be:
Encrypt a Secret manifest and output it into a file with kubeseal -f input_secret.yaml -w output_secret.yaml
1 month passes and the sealed-secrets-controller rotates the sealing keys automatically.
I need to change one of the credentials in the manifest so I encrypt the new string on its own with kubeseal --raw --from-file=pword --name database-credentials --namespace example-environment.
Copy and paste that output into the existing SealedSecret manifest.
When I deploy that SealedSecret to the Kubernetes cluster, will the sealed-secrets-operator be able to 'unseal' the SealedSecret resource properly? Considering it has credentials encrypted with 2 different public keys.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hey all, I need help understanding what the outcome of this scenario would be:
kubeseal -f input_secret.yaml -w output_secret.yamlkubeseal --raw --from-file=pword --name database-credentials --namespace example-environment.When I deploy that SealedSecret to the Kubernetes cluster, will the sealed-secrets-operator be able to 'unseal' the SealedSecret resource properly? Considering it has credentials encrypted with 2 different public keys.
Thanks!
Beta Was this translation helpful? Give feedback.
All reactions