tanzu external-secrets
Interact with the External Secrets Operator API in Tanzu Application Platform (commonly known as TAP). Create and view External Secrets Operator resources on a Kubernetes cluster. For more information, see the TAP documentation.
Installation
To access this command group, you must install the Tanzu CLI by following the instructions in Install the Tanzu CLI in the Tanzu Application Platform documentation.
Usage
CLI plugin: external-secrets | Target: Kubernetes | Primarily used for: App development | Release Notes
tanzu kubernetes external-secrets [command]
Aliases
external-secrets, es, eso
Commands
cluster-stores Interacting with external-secrets.io ClusterStores
secrets Interacting with external-secrets.io secrets
stores Interacting with external-secrets.io stores
external-secrets cluster-stores
List external secrets cluster stores.
Usage
tanzu kubernetes external-secrets cluster-stores [command]
Commands
create
get
list Lists all external-secrets.io/v1beta1/Secrets
Flags
-h, --help help for cluster-stores
external-secrets cluster-stores create
Creates a cluster-store external-secrets.io/v1beta1/ClusterSecretStore resource.
Usage
external-secrets cluster-stores create [flags]
Examples
To create a ClusterStore resource from a YAML or JSON file, run:
tanzu external-secrets cluster-stores create --filename my-file.yaml
To create a ClusterStore resource from YAML or JSON using stdin, run:
cat <<EOF | tanzu external-secrets cluster-stores create -f -
apiVersion: external-secrets.io/v1beta1
kind: ClusterSecretStore
...
EOF
Flags
-f, --filepath string Yaml/Json file to create cluster store secret via external-secrets operator
-h, --help help for create
--kubeconfig string The path to the kubeconfig file, optional
--verbose int32 Number for the log level verbosity(0-9)
-y, --yes accept all prompts
external-secrets cluster-stores get
Gets a specific external-secrets.io/v1beta1/ClusterSecretStore resource.
Usage
external-secrets cluster-stores get [flags]
Examples
To get a cluster-store, run:
tanzu external-secrets cluster-stores get $CLUSTER_STORE_NAME
To get a cluster-store in JSON output format, run:
tanzu external-secrets cluster-stores get $CLUSTER_STORE_NAME -o json
Flags
-h, --help help for get
--kubeconfig string The path to the kubeconfig file, optional
-o, --output string Output format (yaml|json|table), optional
--verbose int32 Number for the log level verbosity(0-9)
external-secrets cluster-stores list
Lists all external-secrets.io/v1beta1/ClusterStores.
Usage
external-secrets cluster-stores list [flags]
Examples
To list all external secrets cluster stores, run:
tanzu external-secrets cluster-stores list
To list all external secrets cluster stores in JSON output format, run:
tanzu external-secrets cluster-stores list -o json
Flags
-h, --help help for list
--kubeconfig string The path to the kubeconfig file, optional
-o, --output string Output format (yaml|json|table), optional
--verbose int32 Number for the log level verbosity(0-9)
tanzu external-secrets
Interacts with external-secrets.io resources.
Usage
tanzu kubernetes external-secrets secrets [command]
Aliases
secrets, secret, secrets
Commands
create Create external-secret external-secrets.io/v1beta1/ExternalSecret
list Lists all external-secrets.io/v1beta1/Secrets
sync Sync a secret
Flags
-h, --help help for secrets
tanzu external-secrets secrets create
Creates external-secret external-secrets.io/v1beta1/ExternalSecret.
Usage
tanzu kubernetes external-secrets secrets create [flags]
Examples
Create ExternalSecret resource from yaml/json file
tanzu external-secrets secret create --filename <file.yaml>
Create ExternalSecret resource from yaml/json stdin
cat <<EOF | tanzu external-secrets secret create -f -
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
...
EOF
Flags
-f, --filepath string Yaml/Json file to create secret via external-secrets operator
-h, --help help for create
--kubeconfig string The path to the kubeconfig file, optional
-n, --namespace string Target namespace for the external secret, optional
--verbose int32 Number for the log level verbosity(0-9)
-y, --yes accept all prompts
tanzu external-secrets secrets list
Lists all external-secrets.io/v1beta1/ExternalSecret and checks for the associated v1/Secret with the correct owner reference.
Usage
tanzu kubernetes external-secrets secrets list [flags]
Examples
# List external-secrets across all namespaces
tanzu external-secrets list -A
# List external-secrets from specified namespace
tanzu external-secrets secrets list -n test-ns
# List external-secrets in json output format
tanzu external-secrets secret list -n test-ns -o json
Flags
-A, --all-namespaces View secrets in all namespaces, optional
-h, --help help for list
--kubeconfig string The path to the kubeconfig file, optional
-n, --namespace string Target namespace for the external secret, optional
-o, --output string Output format (yaml|json|table), optional
--verbose int32 Number for the log level verbosity(0-9)
tanzu external-secrets secrets sync
Forces the synchronization of an external-secrets.io/v1beta1 secret.
Usage
tanzu kubernetes external-secrets secrets sync [flags]
Aliases
sync, synchronise, synchronize
Examples
# Trigger the sync of an external secret
tanzu external-secrets secrets sync <secret>
# Trigger the sync of an external secret in a namespace
tanzu external-secrets secrets sync <secret> -n dev
Flags
-h, --help help for sync
--kubeconfig string The path to the kubeconfig file, optional
-n, --namespace string Target namespace for the external secret, optional
--verbose int32 Number for the log level verbosity(0-9)
tanzu external-secrets stores
Lists external secrets stores.
Usage
tanzu kubernetes external-secrets stores [command]
Aliases
stores, stores, store
Commands
create Create secret store external-secrets.io/v1beta1/SecretStore
list Lists all external-secrets.io/v1beta1/Secrets
Flags
-h, --help help for stores
tanzu external-secrets stores create
Create secret store external-secrets.io/v1beta1/SecretStore.
Usage
tanzu kubernetes external-secrets stores create [flags]
Examples
Create SecretStore resource from yaml/json file
tanzu external-secrets stores create --filename <file.yaml>
Create SecretStore resource from yaml/json stdin
cat <<EOF | tanzu external-secrets stores create -f -
apiVersion: external-secrets.io/v1beta1
kind: SecretStore
...
EOF
Flags
-f, --filepath string Yaml/Json file to create secret store via external-secrets operator
-h, --help help for create
--kubeconfig string The path to the kubeconfig file, optional
-n, --namespace string Target namespace for the secret store, optional
--verbose int32 Number for the log level verbosity(0-9)
-y, --yes accept all prompts
tanzu external-secrets stores list
Lists all external-secrets.io/v1beta1/ExternalSecret and checks for the associated v1/Secret with the correct owner reference.
Usage
tanzu kubernetes external-secrets stores list [flags]
Examples
# List all external secrets stores
tanzu external-secrets stores list -A
# List external secrets stores in specified namespace
tanzu external-secrets stores list -n test-ns
# List all external secrets stores in json output format
tanzu external-secrets stores list -n test-ns -o json
Flags
-A, --all-namespaces View secrets in all namespaces, optional
-h, --help help for list
--kubeconfig string The path to the kubeconfig file, optional
-n, --namespace string Target namespace for the external secret, optional
-o, --output string Output format (yaml|json|table), optional
--verbose int32 Number for the log level verbosity(0-9)
