-
Notifications
You must be signed in to change notification settings - Fork 18
Checking Secrets
Chris MacNaughton edited this page Feb 12, 2021
·
1 revision
Taken from the upstream documentation, we can check a secret with:
cat ciphertext.txt | sed 's/^ *//' | base64 -d | sudo openssl rsautl -decrypt -oaep -inkey /var/lib/zuul/keys/secrets/project/github-git/openstack-charmers/zosci-config/0.pem
where cophertext.txt is populated by the value of an encrypted secret without the yaml bits, and without the header (!encrypted/pkcs1-oaep
).