Skip to content

Commit dfa00cb

Browse files
edeediongedeediong
committed
docs: add code block
1 parent bf1e15c commit dfa00cb

File tree

2 files changed

+16
-2
lines changed

2 files changed

+16
-2
lines changed

docs/guide/k8s-secret.md

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -44,20 +44,26 @@ From the output gotten, you can see that your new value has successfully been ad
4444

4545
To retrieve the original version of `runme-secrets.yaml`, you can decrypt the encrypted secret, `mysealedsecret.yaml`. Run the command in the ‘Decrypt a Secret’ section of the repo and run it in your Runme cell.
4646

47-
![decrypt](../../static/img/guide-page/decrypt-secret.png)
47+
```sh
48+
kubeseal --controller-name=sealed-secrets-controller --controller-namespace=kube-system < mysealedsecret.yaml > mysecrets.yaml
49+
```
4850

4951
### Delete a Secret
5052

5153
To delete the secret, use the `kubectl` command to delete the resource and run it in your Runme cell.
5254

53-
```json
55+
```sh
5456
kubectl delete -f mysealedsecret.yaml
5557
```
5658

5759
### **Deploy the Sealed Secret**[](https://docs-runme-55rq3q1vz-stateful.vercel.app/guide/k8s-secret#deploy-the-sealed-secret)
5860

5961
To deploy your secret, execute the code below:
6062

63+
```sh
64+
kubectl apply -f mysealedsecret.yaml
65+
```
66+
6167
![deploy sealed](../../static/img/guide-page/sealed-apply.png)
6268

6369
The Sealed Secrets controller will decrypt the Sealed Secret and create a Kubernetes Secret with the decrypted data.

docs/guide/sops.md

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -71,6 +71,10 @@ Similar to the encryption process, Runme lets you decrypt your encrypted securit
7171

7272
To decrypt your secrets, navigate to the “Decrypt Secrets” section in the repository and run the command in your Markdown file with Runme.
7373

74+
```sh
75+
sops --decrypt --kms arn:aws:kms:${region}:${accountid}:key/${keyid} --encryption-context Role:runme-test --encrypted-regex password runme-secrets-enc.yaml > runme-secrets.yaml
76+
```
77+
7478
![decrypt](../../static/img/guide-page/runme-decrypt.png)
7579

7680
When you decrypt the secret, it moves the decrypted secrets from a SOPS-encrypted secret `runtime-secrets-enc.yaml` into the original version before it was encrypted `runme-secrets.yaml`
@@ -79,6 +83,10 @@ When you decrypt the secret, it moves the decrypted secrets from a SOPS-encrypte
7983

8084
To apply the encrypted secrets in your `runme-secrets-enc.yaml` file, run the command below.
8185

86+
```sh
87+
sops -d runme-secrets-enc.yaml | kubectl apply -f -
88+
```
89+
8290
![apply](../../static/img/guide-page/secret-apply-runme.png)
8391

8492
This runs the `runme-secrets-enc.yaml` file decrypts it and then applies the file.

0 commit comments

Comments
 (0)