Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Datasource: kubernetes_secret: add binary_data attribute #1285

Merged
merged 4 commits into from
May 27, 2021

Conversation

favoretti
Copy link
Contributor

@favoretti favoretti commented May 27, 2021

Description

In case where we're dealing with secrets that contain, for instance, SSL certificates in PFX format - binary value of the secret becomes corrupted on retrieval.

This additional attribute encodes only the values in base64, allowing us to consume binary data as is.

Use-case: Azure AKS cluster with cert-manager fetching LE certiicates creates a secret with certs in both PEM and PFX format. While retrieving that secret - PEM parts work, PFX becomes garbled, since it's encoded to a string. Some other services (like Application Gateway) do not accept PEM certificates and only want PFX, which forces us to do dark magic with CLI to extract the cert. This change would allow us to do it all nicely inside terraform code.

Tested with a custom-built provider - works like a charm.

Acceptance tests

  • Have you added an acceptance test for the functionality being added?
    N/A I think, but can add one if team deems necessary.
  • Have you run the acceptance tests on this branch?
    N/A I think, but can add one if team deems necessary.

Release Note

Release note for CHANGELOG:

Datasource `kubernetes_secret`: Add `binary_data` attribute where secret data values are encoded in base64 format.

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

In case where we're dealing with secrets that contain, for instance, SSL
certificates in PFX format - binary value of the secret becomes
corrupted on retrieval.

This additional attribute encodes only the values in base64, allowing us
to consume binary data as is.
@ghost ghost added size/XS labels May 27, 2021
@favoretti
Copy link
Contributor Author

favoretti commented May 27, 2021

I had to modify the resource, since datasource implicitly uses its Read, but if it's not desired - I'm happy to implement a separate DataSourceRead method as well.

@ghost ghost added documentation labels May 27, 2021
@dak1n1 dak1n1 self-assigned this May 27, 2021
@favoretti favoretti requested a review from dak1n1 May 27, 2021 17:01
@favoretti
Copy link
Contributor Author

@dak1n1 Something like this? Didn't run acceptance though, I'm sorry, fiddling around to figure out how to do that first :)

@ghost ghost added size/S and removed size/XS labels May 27, 2021
@favoretti favoretti changed the title Datasource: kubernetes_secret: add base64_data attribute Datasource: kubernetes_secret: add binary_data attribute May 27, 2021
@dak1n1
Copy link
Contributor

dak1n1 commented May 27, 2021

This looks awesome! Thanks for all the work figuring this out. Sorry, I'm really slow to review things, but I'll get it tested and get back to you.

@favoretti
Copy link
Contributor Author

Thanks so much. If everything looks good - would there be a chance we could get a minor release in the near future? We're really looking forward to this working :)

@dak1n1
Copy link
Contributor

dak1n1 commented May 27, 2021

Yes, we can do a release on Tuesday, most likely. The tests for this one looks good, but I might need help finding a resource that can consume the data generated by this new data source attribute. I'll show you what I mean. (The code in this PR could be totally fine, and it could just be an issue with the secret resource I'm using for the test).

Here's my test so far:

Build a local k8s cluster and create the secret outside of Terraform.

minikube start
kubectl create secret tls test --cert=$HOME/.minikube/cert.pem --key=$HOME/.minikube/key.pem

Compile the provider using the local branch and use it in a Terraform config. Details here:
https://gist.githubusercontent.com/dak1n1/2fa88a2f3bc2e152d4ba07d51a0ec88c/raw/f4cde1c82b30283b5ee64d1f6ff5bd77adcfad19/gistfile1.txt

Result: when I use the data source to read data from an existing secret, only one of the two fields are copied from the original secret into the new one.

data "kubernetes_secret" "test" {
  metadata {
    name = "test"
  }

  binary_data = {
    "tls.cert" = ""
    "tls.key" = ""
  }
}

resource "kubernetes_secret" "test2" {
  metadata {
    name = "test2"
  }
  type = "tls"
  binary_data = data.kubernetes_secret.test.binary_data
}

The new secret only has one of the two fields from the original secret.

$ kubectl get secret test2 -o json |jq .data
{
  "tls.cert": "",
  "tls.key": "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVkt..."
}

Here's the original secret for comparison.

$ kubectl get secret test -o json |jq .data
{
  "tls.crt": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tL..."
  "tls.key": "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVkt..."
}

I'll continue investigating this.

@favoretti
Copy link
Contributor Author

@dak1n1 Typo in datasource def. tls.cert should become tls.crt. :)

@dak1n1
Copy link
Contributor

dak1n1 commented May 27, 2021

Thanks! I'll try again.

Copy link
Contributor

@dak1n1 dak1n1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the help testing this! It's all working as expected.

@favoretti
Copy link
Contributor Author

$ cat a.tf
provider "kubernetes" {
  config_path = "~/.kube/config"
}


data "kubernetes_secret" "test" {
  metadata {
    name = "test"
  }

  binary_data = {
    "tls.crt" = ""
    "tls.key" = ""
  }
}

# I want to test that the data created by the data source is usable.
# But I'm unable to output the data, or write it a file,
# So I'll have to feed the data into a new resource instead.
#
# Didn't work
output "binary_data" {
  value = nonsensitive(data.kubernetes_secret.test.binary_data)
}
#

resource "kubernetes_secret" "test2" {
  metadata {
    name = "test2"
  }
  type        = "tls"
  binary_data = data.kubernetes_secret.test.binary_data
}
$ ta
╷
│ Warning: Provider development overrides are in effect
│
│ The following provider development overrides are set in the CLI configuration:
│  - hashicorp/azurerm in /Users/vlazarenko/go/bin
│  - hashicorp/kubernetes in /Users/vlazarenko/go/bin
│
│ The behavior may therefore not match any released version of the provider and applying changes may cause the state to become incompatible with published releases.
╵

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # kubernetes_secret.test2 will be created
  + resource "kubernetes_secret" "test2" {
      + binary_data = (sensitive value)
      + data        = (sensitive value)
      + id          = (known after apply)
      + type        = "tls"

      + metadata {
          + generation       = (known after apply)
          + name             = "test2"
          + namespace        = "default"
          + resource_version = (known after apply)
          + self_link        = (known after apply)
          + uid              = (known after apply)
        }
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Changes to Outputs:
  + binary_data = {
      + "tls.crt" = "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURGekNDQWYrZ0F3SUJBZ0lSQU13Y21sQlZvV2lPUDFBc2JFY1RLSjB3RFFZSktvWklodmNOQVFFTEJRQXcKRlRFVE1CRUdBMVVFQ2hNS2RteGhlbUZ5Wlc1cmJ6QWVGdzB5TVRBMU1qY3lNakF6TURCYUZ3MHlOREExTVRFeQpNakF6TURCYU1DRXhIekFkQmdOVkJBb01GblpzWVhwaGNtVnVhMjh1UEdKdmIzUnpkSEpoY0Q0d2dnRWlNQTBHCkNTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFETWxIWXFIQUhNay9TRTFMSHJvdHRLL1Z1d3plK2cKM25ZL3R1OHo2Szh1TDN2TEU3OGZaOUNzWjlCN2M4ZUdXZE4wcS9qdFdaOThtcmFVUFdteThKUE95Sjl2RWZheQpoUXdmY2E2ZjhlbTVSanV3WW1NeHF0M2VIaldMWU4yVzB4anJCS2g3ZUNTUlBUajJJTEY4dEo3VGpqSGc0eUZVCjhLcXY0a1BLeEJYMVFmZXVFSFI5OW5xVTl6ZWNqcUxWWTk5WC9ibmNhT3ZkajcrUCtxZUxSTjVrOUhhV05EYVYKWnp2OWVSK3QyWkJBYUJqVERGOVpQd2FYK01vazU4eHRZUHF6QmF6a1F0aWJFLzdxQitYRTVRWnRSTklaeEZxaApWT1dMYVFadnBaR0k4TTVDQS92QVpMODlCU0VGbFZUY2ZSMGRzQUwwb0E2eUNUbTVRWlBseC9vNUFnTUJBQUdqClZqQlVNQTRHQTFVZER3RUIvd1FFQXdJSGdEQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFNQmdOVkhSTUIKQWY4RUFqQUFNQjhHQTFVZEl3UVlNQmFBRkdMd01GZWdpcmxza3RBNU8vVExsazh1NDdkQk1BMEdDU3FHU0liMwpEUUVCQ3dVQUE0SUJBUUJuWEVjK1ZqZ0Jaa25mclBEUXVBZDg5c2RVWUFNdG9UV3FJNVprZkR1Z3VXclJXSUFQCkxLSXBFQ2JZN29DRFdRMDk1STFoZE9EYTl5eHBDZ3lWbGNHc25PNDhpeTdKS29wUDZ0dEhOOEhtN3kvczNSZ2oKYlM5WW1yS2tYOEJiNlZTZ2JuWXB1eGVWU3h4WUVHTlpsZFJ4dzZEOTIreXBMQyswZXpsemMxUVJJMkhEL3hFQwpVME1BMWFLM0QxQTlaWjVOaWdTRXA5TktETkZidm9OVWIxTWl4cVNaRjRPU05NakYvTUhrUmJ2bElpNnBMb3ZiCnZ0YkhNVlBUMTNrOGxjWnFkTlpoY2NGbzdBd1ZITVlkUlJaa3V2cXIyVGtJeG1yVkUrTTJKRW5hTW1YeCtYenYKMTlubmxIK093NThZb0Q1UCtnTkJBbzNud0JXT0drN1JzTTBQCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"
      + "tls.key" = "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBekpSMktod0J6SlAwaE5TeDY2TGJTdjFic00zdm9ONTJQN2J2TStpdkxpOTd5eE8vCkgyZlFyR2ZRZTNQSGhsblRkS3Y0N1ZtZmZKcTJsRDFwc3ZDVHpzaWZieEgyc29VTUgzR3VuL0hwdVVZN3NHSmoKTWFyZDNoNDFpMkRkbHRNWTZ3U29lM2dra1QwNDlpQ3hmTFNlMDQ0eDRPTWhWUENxcitKRHlzUVY5VUgzcmhCMApmZlo2bFBjM25JNmkxV1BmVi8yNTNHanIzWSsvai9xbmkwVGVaUFIybGpRMmxXYzcvWGtmcmRtUVFHZ1kwd3hmCldUOEdsL2pLSk9mTWJXRDZzd1dzNUVMWW14UCs2Z2ZseE9VR2JVVFNHY1Jhb1ZUbGkya0diNldSaVBET1FnUDcKd0dTL1BRVWhCWlZVM0gwZEhiQUM5S0FPc2drNXVVR1Q1Y2Y2T1FJREFRQUJBb0lCQVFDUWhUeG9pUHA0WS9qegpzVEd6VFl2dkVNWXFRNERKdXYzOENxWTJuR1RNa3J5My9FNGl5SHJ3b0RIMlZCY2FnUEJSVm45MlpMNjNEckIyClRtQVNDY1BRNjRjOXRvbjVHT1kwZkdHcEdnTkxZQ01nZXBDcWNKTmxxeCtXUTZxbU5xQSt2ajZyWW5jcXB2NUwKV1ZNb3pvdjQxVlhGRVk3bGExS1pCNVZ1YzFFenZNOGVIcVdyNVQyRm4yeE5Tb0Fya3RyUTVCQ05sd2dXeFY4eApqVHVyNmd0NVpUQW5VL3YxQWVpUGRMcllxdDBYdWE4THlraWtkeEtkR21DYWZJdmhvT2pPTW4wUkRwamYwSmtJCjFhRmRpTFhqQTZDZitjRDBHUkVjUGxEdG9ZTXdnSXBKRkdEY2tsemhTQWpqS0o0OWk1LzdvT0pLRGJPOG9mbVoKQXl5Yml1SUJBb0dCQU5TY1Z1M2lKQmN5Q2NoUmt0aWdTMnpURHNzYVg1TjhGKytrY090YUlUZ01OTkJsZlhRWApDN0ZZOGFZZ2RBQWh3QWVJN2JldkZiQVNrTWN0MEJZMHl5S291K0ZRWHdBcGJMTitqbDVZQ2U0NXpPdTlBQWxPCmo4OG5EVW9qTEpRNFIzWW9tVGFXMW42WUkwY1lkMHd6cHBUbkdWMjZtK2FEclVhZ1owVWMvN0o1QW9HQkFQWlUKajY5a01nVFdoeURINkUvM1NyM2RxUjFSZ2ZPSGE0bHZqWWhjN0d5alllTStqYk9XQjdwQlhlV081Q3h5YktTaAp4WlZHWUoyNVJmQzVYYVduVk9XNE9SeDR0QWc2VGxOVjhHbVpIUmtaTFo1SytJV3dTOFkyV3g3dDBrck0xQW5vCms2T2UzUFVIcUF6aE1XRWdGcHJ0NHhvOHIrSDgwUG1aa0llT3NwWEJBb0dCQUx0ZVBFM1FhYlgzWngrZXBDYzgKdkx2ZkZMNXhNNkdxVHYzbWtZMFlGUVpyMjI5OHdaNjVZSmllcGZlZHloMERvVlFDbkZ5d2RCQ0RqQXU4bUJHNQozUHRpY0pFVVgyU3BIUjdpZlYwdmdURHN4MmRKWE9yV3pXM21JSlFoZzN2c1RTNFlnVTNXaUpsd1FrYTVqUWtlCnk4T1dGb2kvbC8wQ05vWnpmZzh1aXpraEFvR0FUd3BoTkpFODc0cDZ2NDBGd1NzRGc1cnRtZWUrZ0FzUytYMmUKOTRPQnBYWmpnWXhmNGFFaGg2VlQ0TVlSOXlVY01WTnJWL1BHS3JYNWVEMnlpK1grZXR1N0Q2UzNkL0JsazUzKwp6NU4rMzcvUmdIcGo5bG5VWnB5b2JtczNVQ01iWXJhTE1UUlhpQlJWMnhRalNSd0h4TnpTUTJmM3M5YndvemFnClJxOEdKTUVDZ1lBQ2JwejhMQk9ZNkEzTnhBRGJFT0ZPUGdISFJrM2cxWjhXcWxtMCtpL0I1RFZHMlFKQUtjV1oKZEZxU1hkbzg0U0ZwZTVXdkVoekxWRlVpVnV4WWtIOHBpejhkTkhOUkM0YkVFTFh4ZUM4Q0cydUpvVk5CMnN3QgpzYzkyeWtBa3MxN09WR1FGSDJCNjNyWSs5cW5CTVdoeXZLRHZidkZDeXZDV2hmYjZITjZBNUE9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo="
    }

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

kubernetes_secret.test2: Creating...
kubernetes_secret.test2: Creation complete after 0s [id=default/test2]

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

Outputs:

binary_data = tomap({
  "tls.crt" = "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURGekNDQWYrZ0F3SUJBZ0lSQU13Y21sQlZvV2lPUDFBc2JFY1RLSjB3RFFZSktvWklodmNOQVFFTEJRQXcKRlRFVE1CRUdBMVVFQ2hNS2RteGhlbUZ5Wlc1cmJ6QWVGdzB5TVRBMU1qY3lNakF6TURCYUZ3MHlOREExTVRFeQpNakF6TURCYU1DRXhIekFkQmdOVkJBb01GblpzWVhwaGNtVnVhMjh1UEdKdmIzUnpkSEpoY0Q0d2dnRWlNQTBHCkNTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFETWxIWXFIQUhNay9TRTFMSHJvdHRLL1Z1d3plK2cKM25ZL3R1OHo2Szh1TDN2TEU3OGZaOUNzWjlCN2M4ZUdXZE4wcS9qdFdaOThtcmFVUFdteThKUE95Sjl2RWZheQpoUXdmY2E2ZjhlbTVSanV3WW1NeHF0M2VIaldMWU4yVzB4anJCS2g3ZUNTUlBUajJJTEY4dEo3VGpqSGc0eUZVCjhLcXY0a1BLeEJYMVFmZXVFSFI5OW5xVTl6ZWNqcUxWWTk5WC9ibmNhT3ZkajcrUCtxZUxSTjVrOUhhV05EYVYKWnp2OWVSK3QyWkJBYUJqVERGOVpQd2FYK01vazU4eHRZUHF6QmF6a1F0aWJFLzdxQitYRTVRWnRSTklaeEZxaApWT1dMYVFadnBaR0k4TTVDQS92QVpMODlCU0VGbFZUY2ZSMGRzQUwwb0E2eUNUbTVRWlBseC9vNUFnTUJBQUdqClZqQlVNQTRHQTFVZER3RUIvd1FFQXdJSGdEQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFNQmdOVkhSTUIKQWY4RUFqQUFNQjhHQTFVZEl3UVlNQmFBRkdMd01GZWdpcmxza3RBNU8vVExsazh1NDdkQk1BMEdDU3FHU0liMwpEUUVCQ3dVQUE0SUJBUUJuWEVjK1ZqZ0Jaa25mclBEUXVBZDg5c2RVWUFNdG9UV3FJNVprZkR1Z3VXclJXSUFQCkxLSXBFQ2JZN29DRFdRMDk1STFoZE9EYTl5eHBDZ3lWbGNHc25PNDhpeTdKS29wUDZ0dEhOOEhtN3kvczNSZ2oKYlM5WW1yS2tYOEJiNlZTZ2JuWXB1eGVWU3h4WUVHTlpsZFJ4dzZEOTIreXBMQyswZXpsemMxUVJJMkhEL3hFQwpVME1BMWFLM0QxQTlaWjVOaWdTRXA5TktETkZidm9OVWIxTWl4cVNaRjRPU05NakYvTUhrUmJ2bElpNnBMb3ZiCnZ0YkhNVlBUMTNrOGxjWnFkTlpoY2NGbzdBd1ZITVlkUlJaa3V2cXIyVGtJeG1yVkUrTTJKRW5hTW1YeCtYenYKMTlubmxIK093NThZb0Q1UCtnTkJBbzNud0JXT0drN1JzTTBQCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"
  "tls.key" = "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBekpSMktod0J6SlAwaE5TeDY2TGJTdjFic00zdm9ONTJQN2J2TStpdkxpOTd5eE8vCkgyZlFyR2ZRZTNQSGhsblRkS3Y0N1ZtZmZKcTJsRDFwc3ZDVHpzaWZieEgyc29VTUgzR3VuL0hwdVVZN3NHSmoKTWFyZDNoNDFpMkRkbHRNWTZ3U29lM2dra1QwNDlpQ3hmTFNlMDQ0eDRPTWhWUENxcitKRHlzUVY5VUgzcmhCMApmZlo2bFBjM25JNmkxV1BmVi8yNTNHanIzWSsvai9xbmkwVGVaUFIybGpRMmxXYzcvWGtmcmRtUVFHZ1kwd3hmCldUOEdsL2pLSk9mTWJXRDZzd1dzNUVMWW14UCs2Z2ZseE9VR2JVVFNHY1Jhb1ZUbGkya0diNldSaVBET1FnUDcKd0dTL1BRVWhCWlZVM0gwZEhiQUM5S0FPc2drNXVVR1Q1Y2Y2T1FJREFRQUJBb0lCQVFDUWhUeG9pUHA0WS9qegpzVEd6VFl2dkVNWXFRNERKdXYzOENxWTJuR1RNa3J5My9FNGl5SHJ3b0RIMlZCY2FnUEJSVm45MlpMNjNEckIyClRtQVNDY1BRNjRjOXRvbjVHT1kwZkdHcEdnTkxZQ01nZXBDcWNKTmxxeCtXUTZxbU5xQSt2ajZyWW5jcXB2NUwKV1ZNb3pvdjQxVlhGRVk3bGExS1pCNVZ1YzFFenZNOGVIcVdyNVQyRm4yeE5Tb0Fya3RyUTVCQ05sd2dXeFY4eApqVHVyNmd0NVpUQW5VL3YxQWVpUGRMcllxdDBYdWE4THlraWtkeEtkR21DYWZJdmhvT2pPTW4wUkRwamYwSmtJCjFhRmRpTFhqQTZDZitjRDBHUkVjUGxEdG9ZTXdnSXBKRkdEY2tsemhTQWpqS0o0OWk1LzdvT0pLRGJPOG9mbVoKQXl5Yml1SUJBb0dCQU5TY1Z1M2lKQmN5Q2NoUmt0aWdTMnpURHNzYVg1TjhGKytrY090YUlUZ01OTkJsZlhRWApDN0ZZOGFZZ2RBQWh3QWVJN2JldkZiQVNrTWN0MEJZMHl5S291K0ZRWHdBcGJMTitqbDVZQ2U0NXpPdTlBQWxPCmo4OG5EVW9qTEpRNFIzWW9tVGFXMW42WUkwY1lkMHd6cHBUbkdWMjZtK2FEclVhZ1owVWMvN0o1QW9HQkFQWlUKajY5a01nVFdoeURINkUvM1NyM2RxUjFSZ2ZPSGE0bHZqWWhjN0d5alllTStqYk9XQjdwQlhlV081Q3h5YktTaAp4WlZHWUoyNVJmQzVYYVduVk9XNE9SeDR0QWc2VGxOVjhHbVpIUmtaTFo1SytJV3dTOFkyV3g3dDBrck0xQW5vCms2T2UzUFVIcUF6aE1XRWdGcHJ0NHhvOHIrSDgwUG1aa0llT3NwWEJBb0dCQUx0ZVBFM1FhYlgzWngrZXBDYzgKdkx2ZkZMNXhNNkdxVHYzbWtZMFlGUVpyMjI5OHdaNjVZSmllcGZlZHloMERvVlFDbkZ5d2RCQ0RqQXU4bUJHNQozUHRpY0pFVVgyU3BIUjdpZlYwdmdURHN4MmRKWE9yV3pXM21JSlFoZzN2c1RTNFlnVTNXaUpsd1FrYTVqUWtlCnk4T1dGb2kvbC8wQ05vWnpmZzh1aXpraEFvR0FUd3BoTkpFODc0cDZ2NDBGd1NzRGc1cnRtZWUrZ0FzUytYMmUKOTRPQnBYWmpnWXhmNGFFaGg2VlQ0TVlSOXlVY01WTnJWL1BHS3JYNWVEMnlpK1grZXR1N0Q2UzNkL0JsazUzKwp6NU4rMzcvUmdIcGo5bG5VWnB5b2JtczNVQ01iWXJhTE1UUlhpQlJWMnhRalNSd0h4TnpTUTJmM3M5YndvemFnClJxOEdKTUVDZ1lBQ2JwejhMQk9ZNkEzTnhBRGJFT0ZPUGdISFJrM2cxWjhXcWxtMCtpL0I1RFZHMlFKQUtjV1oKZEZxU1hkbzg0U0ZwZTVXdkVoekxWRlVpVnV4WWtIOHBpejhkTkhOUkM0YkVFTFh4ZUM4Q0cydUpvVk5CMnN3QgpzYzkyeWtBa3MxN09WR1FGSDJCNjNyWSs5cW5CTVdoeXZLRHZidkZDeXZDV2hmYjZITjZBNUE9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo="
})
[0:12](⎈ |minikube:default)➜  ~/ktest $ kubectl get secret test2 -o json |jq .data
{
  "tls.crt": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURGekNDQWYrZ0F3SUJBZ0lSQU13Y21sQlZvV2lPUDFBc2JFY1RLSjB3RFFZSktvWklodmNOQVFFTEJRQXcKRlRFVE1CRUdBMVVFQ2hNS2RteGhlbUZ5Wlc1cmJ6QWVGdzB5TVRBMU1qY3lNakF6TURCYUZ3MHlOREExTVRFeQpNakF6TURCYU1DRXhIekFkQmdOVkJBb01GblpzWVhwaGNtVnVhMjh1UEdKdmIzUnpkSEpoY0Q0d2dnRWlNQTBHCkNTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFETWxIWXFIQUhNay9TRTFMSHJvdHRLL1Z1d3plK2cKM25ZL3R1OHo2Szh1TDN2TEU3OGZaOUNzWjlCN2M4ZUdXZE4wcS9qdFdaOThtcmFVUFdteThKUE95Sjl2RWZheQpoUXdmY2E2ZjhlbTVSanV3WW1NeHF0M2VIaldMWU4yVzB4anJCS2g3ZUNTUlBUajJJTEY4dEo3VGpqSGc0eUZVCjhLcXY0a1BLeEJYMVFmZXVFSFI5OW5xVTl6ZWNqcUxWWTk5WC9ibmNhT3ZkajcrUCtxZUxSTjVrOUhhV05EYVYKWnp2OWVSK3QyWkJBYUJqVERGOVpQd2FYK01vazU4eHRZUHF6QmF6a1F0aWJFLzdxQitYRTVRWnRSTklaeEZxaApWT1dMYVFadnBaR0k4TTVDQS92QVpMODlCU0VGbFZUY2ZSMGRzQUwwb0E2eUNUbTVRWlBseC9vNUFnTUJBQUdqClZqQlVNQTRHQTFVZER3RUIvd1FFQXdJSGdEQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFNQmdOVkhSTUIKQWY4RUFqQUFNQjhHQTFVZEl3UVlNQmFBRkdMd01GZWdpcmxza3RBNU8vVExsazh1NDdkQk1BMEdDU3FHU0liMwpEUUVCQ3dVQUE0SUJBUUJuWEVjK1ZqZ0Jaa25mclBEUXVBZDg5c2RVWUFNdG9UV3FJNVprZkR1Z3VXclJXSUFQCkxLSXBFQ2JZN29DRFdRMDk1STFoZE9EYTl5eHBDZ3lWbGNHc25PNDhpeTdKS29wUDZ0dEhOOEhtN3kvczNSZ2oKYlM5WW1yS2tYOEJiNlZTZ2JuWXB1eGVWU3h4WUVHTlpsZFJ4dzZEOTIreXBMQyswZXpsemMxUVJJMkhEL3hFQwpVME1BMWFLM0QxQTlaWjVOaWdTRXA5TktETkZidm9OVWIxTWl4cVNaRjRPU05NakYvTUhrUmJ2bElpNnBMb3ZiCnZ0YkhNVlBUMTNrOGxjWnFkTlpoY2NGbzdBd1ZITVlkUlJaa3V2cXIyVGtJeG1yVkUrTTJKRW5hTW1YeCtYenYKMTlubmxIK093NThZb0Q1UCtnTkJBbzNud0JXT0drN1JzTTBQCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K",
  "tls.key": "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBekpSMktod0J6SlAwaE5TeDY2TGJTdjFic00zdm9ONTJQN2J2TStpdkxpOTd5eE8vCkgyZlFyR2ZRZTNQSGhsblRkS3Y0N1ZtZmZKcTJsRDFwc3ZDVHpzaWZieEgyc29VTUgzR3VuL0hwdVVZN3NHSmoKTWFyZDNoNDFpMkRkbHRNWTZ3U29lM2dra1QwNDlpQ3hmTFNlMDQ0eDRPTWhWUENxcitKRHlzUVY5VUgzcmhCMApmZlo2bFBjM25JNmkxV1BmVi8yNTNHanIzWSsvai9xbmkwVGVaUFIybGpRMmxXYzcvWGtmcmRtUVFHZ1kwd3hmCldUOEdsL2pLSk9mTWJXRDZzd1dzNUVMWW14UCs2Z2ZseE9VR2JVVFNHY1Jhb1ZUbGkya0diNldSaVBET1FnUDcKd0dTL1BRVWhCWlZVM0gwZEhiQUM5S0FPc2drNXVVR1Q1Y2Y2T1FJREFRQUJBb0lCQVFDUWhUeG9pUHA0WS9qegpzVEd6VFl2dkVNWXFRNERKdXYzOENxWTJuR1RNa3J5My9FNGl5SHJ3b0RIMlZCY2FnUEJSVm45MlpMNjNEckIyClRtQVNDY1BRNjRjOXRvbjVHT1kwZkdHcEdnTkxZQ01nZXBDcWNKTmxxeCtXUTZxbU5xQSt2ajZyWW5jcXB2NUwKV1ZNb3pvdjQxVlhGRVk3bGExS1pCNVZ1YzFFenZNOGVIcVdyNVQyRm4yeE5Tb0Fya3RyUTVCQ05sd2dXeFY4eApqVHVyNmd0NVpUQW5VL3YxQWVpUGRMcllxdDBYdWE4THlraWtkeEtkR21DYWZJdmhvT2pPTW4wUkRwamYwSmtJCjFhRmRpTFhqQTZDZitjRDBHUkVjUGxEdG9ZTXdnSXBKRkdEY2tsemhTQWpqS0o0OWk1LzdvT0pLRGJPOG9mbVoKQXl5Yml1SUJBb0dCQU5TY1Z1M2lKQmN5Q2NoUmt0aWdTMnpURHNzYVg1TjhGKytrY090YUlUZ01OTkJsZlhRWApDN0ZZOGFZZ2RBQWh3QWVJN2JldkZiQVNrTWN0MEJZMHl5S291K0ZRWHdBcGJMTitqbDVZQ2U0NXpPdTlBQWxPCmo4OG5EVW9qTEpRNFIzWW9tVGFXMW42WUkwY1lkMHd6cHBUbkdWMjZtK2FEclVhZ1owVWMvN0o1QW9HQkFQWlUKajY5a01nVFdoeURINkUvM1NyM2RxUjFSZ2ZPSGE0bHZqWWhjN0d5alllTStqYk9XQjdwQlhlV081Q3h5YktTaAp4WlZHWUoyNVJmQzVYYVduVk9XNE9SeDR0QWc2VGxOVjhHbVpIUmtaTFo1SytJV3dTOFkyV3g3dDBrck0xQW5vCms2T2UzUFVIcUF6aE1XRWdGcHJ0NHhvOHIrSDgwUG1aa0llT3NwWEJBb0dCQUx0ZVBFM1FhYlgzWngrZXBDYzgKdkx2ZkZMNXhNNkdxVHYzbWtZMFlGUVpyMjI5OHdaNjVZSmllcGZlZHloMERvVlFDbkZ5d2RCQ0RqQXU4bUJHNQozUHRpY0pFVVgyU3BIUjdpZlYwdmdURHN4MmRKWE9yV3pXM21JSlFoZzN2c1RTNFlnVTNXaUpsd1FrYTVqUWtlCnk4T1dGb2kvbC8wQ05vWnpmZzh1aXpraEFvR0FUd3BoTkpFODc0cDZ2NDBGd1NzRGc1cnRtZWUrZ0FzUytYMmUKOTRPQnBYWmpnWXhmNGFFaGg2VlQ0TVlSOXlVY01WTnJWL1BHS3JYNWVEMnlpK1grZXR1N0Q2UzNkL0JsazUzKwp6NU4rMzcvUmdIcGo5bG5VWnB5b2JtczNVQ01iWXJhTE1UUlhpQlJWMnhRalNSd0h4TnpTUTJmM3M5YndvemFnClJxOEdKTUVDZ1lBQ2JwejhMQk9ZNkEzTnhBRGJFT0ZPUGdISFJrM2cxWjhXcWxtMCtpL0I1RFZHMlFKQUtjV1oKZEZxU1hkbzg0U0ZwZTVXdkVoekxWRlVpVnV4WWtIOHBpejhkTkhOUkM0YkVFTFh4ZUM4Q0cydUpvVk5CMnN3QgpzYzkyeWtBa3MxN09WR1FGSDJCNjNyWSs5cW5CTVdoeXZLRHZidkZDeXZDV2hmYjZITjZBNUE9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo="
}

@dak1n1 dak1n1 merged commit 8835e93 into hashicorp:main May 27, 2021
@favoretti
Copy link
Contributor Author

@dak1n1 Ping :) Could we please release this? Thanks!

@dak1n1
Copy link
Contributor

dak1n1 commented Jun 2, 2021

Sorry about that, I made an attempt to release yesterday, but I found an issue with another PR that was merged. @jrhouston is working on a fix. I'll do what I can to support this effort and get the release out.

@dak1n1
Copy link
Contributor

dak1n1 commented Jun 2, 2021

The change has been released in version 2.3.0. https://github.com/hashicorp/terraform-provider-kubernetes/releases/tag/v2.3.0

@favoretti
Copy link
Contributor Author

Thank you so much!

@github-actions
Copy link

github-actions bot commented Jul 4, 2021

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 4, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants