Secret

Bases: DuploTenantResourceV3

Kubernetes Secrets

This class provides methods to manage Kubernetes Secrets in DuploCloud.

See more details at: https://docs.duplocloud.com/docs/kubernetes-overview/configs-and-secrets/setting-kubernetes-secrets

`apply`

Apply a Secret

Create or Update a Secret resource with Duplocloud cli.

CLI Usage

duploctl secret apply -f 'secret.yaml'

Contents of the secret.yaml file

SecretName: duploctl
SecretType: Opaque
SecretData:
  username: admin
  password: secret123
SecretLabels:
  test: myapp
SecretAnnotations:
  something: cool

Parameters:

Name	Type	Description	Default
`body`	`BODY`	The resource to apply.	required
`wait`	`WAIT`	Wait for the resource to be created.	`False`
`patches`	`PATCHES`	The patches to apply to the resource.	`None`

Returns:

Name	Type	Description
`message`	`dict`	Success message.

`create`

Create a Secret

Create a new Kubernetes secret managed through DuploCloud.

CLI Usage

duploctl secret create -f secret.yaml

Contents of the secret.yaml file

SecretName: duploctl
SecretType: Opaque
SecretData:
  username: admin
  password: secret123
SecretLabels:
  test: myapp
SecretAnnotations:
  something: cool

Create a secret using a one-liner.

echo """
SecretName: duploctl
SecretType: Opaque
SecretData:
  username: admin
  password: secret123
SecretLabels:
  test: myapp
SecretAnnotations:
  something: cool

""" | duploctl secret create -f -

Create a secret using a file.

duploctl secret create -f secret.yaml

Create a secret by specifying key-value pairs as literals.

duploctl secret create <secret-name> --from-literal Key1="Val1" --from-literal Key2="Val2"

Create a secret from a file.

duploctl secret create <secret-name> --from-file secret-map.txt

Parameters:

Name	Type	Description	Default
`name`	`NAME`	Name of the secret. Required if `body` is not provided.	`None`
`body`	`BODY`	The complete secret resource definition.	`None`
`data`	`DATAMAP`	Data to merge into the secret.	`None`
`dryrun`	`DRYRUN`	If True, return the modified secret without applying changes.	`False`

Returns:

Name	Type	Description
`message`	`dict`	The updated secret or a success message.

Raises:

Type	Description
`DuploError`	If the secret create fails.

`delete`

Delete Secret

Deletes the specified Secret by name.

cli

duploctl secret delete <name>

Parameters:

Name	Type	Description	Default
`name`	`NAME`	The name of a Secret to delete.	required

Returns:

Name	Type	Description
`message`	`dict`	Returns a success message if deleted successfully; otherwise, an error.

`find`

Find a Secret.

Retrieve details of a specific kubernetes Secret by name

cli usage

duploctl secret find <name>

Parameters:

Name	Type	Description	Default
`name`	`NAME`	The name of the secret to find.	required

Returns:

Name	Type	Description
`message`	`dict`	The resource content or success message.

Raises:

Type	Description
`DuploError`	Secret not found.

`list`

Retrieve a List of Secret resources

cli usage

duploctl secret list

Returns:

Name	Type	Description
`list`	`list`	A list of Secret.

`update`

Updates a secret resource.

Updates an existing Kubernetes Secret resource with new or modified data.

CLI Usage

duploctl secret update -f secret.yaml

Contents of the secret.yaml file

SecretName: duploctl
SecretType: Opaque
SecretData:
  username: admin
  password: secret123
SecretLabels:
  test: myapp
SecretAnnotations:
  something: cool

Update secret using a one-liner.

echo """
SecretName: duploctl
SecretType: Opaque
SecretData:
  username: admin
  password: secret123
SecretLabels:
  test: myapp
SecretAnnotations:
  something: cool

""" | duploctl secret update -f -

Add new keys in the secret.

duploctl secret update <secret-name> --add /SecretData/NewKey1 NewValue1 --add /SecretData/NewKey2 NewValue2

Update existing keys from the secret.

duploctl secret update <secret-name> --replace /SecretData/ExistingKey1 NewValue1 --replace /SecretData/ExistingKey2 NewValue2

Delete existing keys from the secret.

duploctl secret update <secret-name> --remove /SecretData/ExistingKey1 --remove /SecretData/ExistingKey2

Update a secret by specifying key-value pairs as literals.

duploctl secret update <secret-name> --from-literal Key1="Val1" --from-literal Key2="Val2"

Update a secret from a file.

duploctl secret update <secret-name> --from-file secret.txt

Adds labels and annotations to an existing Secret resource.

Since annotations and labels do have dots and tildes, there is some special syntax here.

duploctl secret update <secret-name> --add /SecretLabels/my.label~0/foo NewLabelVal --add SecretAnnotations.NewAnnotation AnnotationVal

Parameters:

Name	Type	Description	Default
`name`	`NAME`	Name of the secret. Required if `body` is not provided.	required
`body`	`BODY`	The complete secret resource definition.	`None`
`data`	`DATAMAP`	Data to merge into the secret.	`None`
`patches`	`PATCHES`	A list of JSON patches as args to apply to the service. The options are `--add`, `--remove`, `--replace`, `--move`, and `--copy`. Then followed by `<path>` and `<value>` for `--add`, `--replace`, and `--test`.	`None`
`dryrun`	`DRYRUN`	If True, return the modified secret without applying changes.	`False`

Returns:

Name	Type	Description
`message`	`dict`	The updated secret or a success message.

Raises:

Type	Description
`DuploError`	If the secret update fails.

`wait`

Wait for Resource

Waits for a the given wait_check callable to complete successfully. If the global wait_timeout is set on the DuploClient, it will override the timeout parameter so that a user can always choose their own timeout for waiting operations. The timeout param for other functions is just a default value for that particular resource operation.

Parameters:

Name	Type	Description	Default
`wait_check`	`callable`	A callable function to check if the resource is ready.	required
`timeout`	`int`	The maximum time to wait in seconds. Default is 3600 seconds (1 hour).	`3600`
`poll`	`int`	The polling interval in seconds. Default is 10 seconds.	`10`