Revert "Adding commands to get and set encryption configs"

This reverts commit 694067492cfedd5e7b369b396bfce9923c0ca3a1.

Reason for revert: Encryption configs inside airship config are
no longer required. Encrypt feature was implemented different way.

Change-Id: I1c8feec75000402e314e815e4832ce740f0e1254
This commit is contained in:
Ruslan Aliev 2021-03-08 22:32:59 +00:00
parent 2351051ffd
commit e4436ca36d
24 changed files with 22 additions and 714 deletions

View File

@ -39,9 +39,6 @@ func NewConfigCommand(cfgFactory config.Factory) *cobra.Command {
configRootCmd.AddCommand(NewGetManifestCommand(cfgFactory)) configRootCmd.AddCommand(NewGetManifestCommand(cfgFactory))
configRootCmd.AddCommand(NewSetManifestCommand(cfgFactory)) configRootCmd.AddCommand(NewSetManifestCommand(cfgFactory))
configRootCmd.AddCommand(NewGetEncryptionConfigCommand(cfgFactory))
configRootCmd.AddCommand(NewSetEncryptionConfigCommand(cfgFactory))
// Init will have different factory // Init will have different factory
configRootCmd.AddCommand(NewInitCommand()) configRootCmd.AddCommand(NewInitCommand())
return configRootCmd return configRootCmd

View File

@ -1,76 +0,0 @@
/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
https://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package config
import (
"fmt"
"github.com/spf13/cobra"
"opendev.org/airship/airshipctl/pkg/config"
)
const (
getEncryptionConfigsLong = `
Display a specific encryption config information, or all defined encryption configs if no name is provided.
`
getEncryptionConfigsExample = `
# List all the encryption configs airshipctl knows about
airshipctl config get-encryption-configs
# Display a specific encryption config
airshipctl config get-encryption-config exampleConfig
`
)
// NewGetEncryptionConfigCommand creates a command that enables printing an encryption configuration to stdout.
func NewGetEncryptionConfigCommand(cfgFactory config.Factory) *cobra.Command {
cmd := &cobra.Command{
Use: "get-encryption-config NAME",
Short: "Get an encryption config information from the airshipctl config",
Long: getEncryptionConfigsLong[1:],
Example: getEncryptionConfigsExample,
Args: cobra.MaximumNArgs(1),
Aliases: []string{"get-encryption-configs"},
RunE: func(cmd *cobra.Command, args []string) error {
airconfig, err := cfgFactory()
if err != nil {
return err
}
if len(args) == 1 {
name := args[0]
encryptionConfig, exists := airconfig.EncryptionConfigs[name]
if !exists {
return config.ErrEncryptionConfigurationNotFound{
Name: fmt.Sprintf("Encryption Config with name '%s'", name),
}
}
fmt.Fprintln(cmd.OutOrStdout(), encryptionConfig)
} else {
encryptionConfigs := airconfig.GetEncryptionConfigs()
if len(encryptionConfigs) == 0 {
fmt.Fprintln(cmd.OutOrStdout(), "No Encryption Config found in the configuration.")
}
for _, encryptionConfig := range encryptionConfigs {
fmt.Fprintln(cmd.OutOrStdout(), encryptionConfig)
}
}
return nil
},
}
return cmd
}

View File

@ -1,65 +0,0 @@
/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package config_test
import (
"testing"
cmd "opendev.org/airship/airshipctl/cmd/config"
"opendev.org/airship/airshipctl/pkg/config"
"opendev.org/airship/airshipctl/testutil"
)
func TestGetEncryptionConfigCmd(t *testing.T) {
settings := func() (*config.Config, error) {
return &config.Config{
EncryptionConfigs: map[string]*config.EncryptionConfig{
config.AirshipDefaultContext: testutil.DummyEncryptionConfig(),
},
}, nil
}
emptySettings := func() (*config.Config, error) {
return &config.Config{}, nil
}
cmdTests := []*testutil.CmdTest{
{
Name: "get-encryption-config-with-help",
CmdLine: "--help",
Cmd: cmd.NewGetEncryptionConfigCommand(nil),
},
{
Name: "get-encryption-config-not-found",
CmdLine: "foo",
Cmd: cmd.NewGetEncryptionConfigCommand(emptySettings),
Error: config.ErrEncryptionConfigurationNotFound{Name: "Encryption Config with name 'foo'"},
},
{
Name: "get-encryption-config-all",
CmdLine: "",
Cmd: cmd.NewGetEncryptionConfigCommand(settings),
},
{
Name: "get-empty-encryption-config",
CmdLine: config.AirshipDefaultContext,
Cmd: cmd.NewGetEncryptionConfigCommand(settings),
},
}
for _, tt := range cmdTests {
testutil.RunTest(t, tt)
}
}

View File

@ -31,7 +31,6 @@ Create or modify a context in the airshipctl config files.
# Create a new context named "exampleContext" # Create a new context named "exampleContext"
airshipctl config set-context exampleContext \ airshipctl config set-context exampleContext \
--manifest=exampleManifest \ --manifest=exampleManifest \
--encryption-config=exampleEncryptionConfig
# Update the manifest of the current-context # Update the manifest of the current-context
airshipctl config set-context \ airshipctl config set-context \
@ -92,12 +91,6 @@ func addSetContextFlags(o *config.ContextOptions, cmd *cobra.Command) {
"", "",
"set the manifest for the specified context") "set the manifest for the specified context")
flags.StringVar(
&o.EncryptionConfig,
"encryption-config",
"",
"set the encryption config for the specified context")
flags.BoolVar( flags.BoolVar(
&o.Current, &o.Current,
"current", "current",

View File

@ -28,9 +28,8 @@ import (
) )
const ( const (
testEncryptionConfig = "test_encryption_config" defaultManifest = "edge_cloud"
defaultManifest = "edge_cloud" testManifest = "test_manifest"
testManifest = "test_manifest"
) )
type setContextTest struct { type setContextTest struct {
@ -70,23 +69,20 @@ func TestSetContext(t *testing.T) {
defer cleanupGiven(t) defer cleanupGiven(t)
tests := []struct { tests := []struct {
testName string testName string
contextName string contextName string
flags []string flags []string
givenConfig *config.Config givenConfig *config.Config
manifest string manifest string
encryptionConfig string
}{ }{
{ {
testName: "set-context", testName: "set-context",
contextName: "dummycontext", contextName: "dummycontext",
flags: []string{ flags: []string{
"--manifest=" + defaultManifest, "--manifest=" + defaultManifest,
"--encryption-config=" + testEncryptionConfig,
}, },
givenConfig: given, givenConfig: given,
manifest: defaultManifest, manifest: defaultManifest,
encryptionConfig: testEncryptionConfig,
}, },
{ {
testName: "set-current-context", testName: "set-current-context",
@ -103,15 +99,6 @@ func TestSetContext(t *testing.T) {
givenConfig: given, givenConfig: given,
manifest: testManifest, manifest: testManifest,
}, },
{
testName: "modify-context",
contextName: "def_target",
flags: []string{
"--encryption-config=" + testEncryptionConfig,
},
givenConfig: given,
encryptionConfig: testEncryptionConfig,
},
} }
for _, tt := range tests { for _, tt := range tests {

View File

@ -1,104 +0,0 @@
/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package config
import (
"fmt"
"github.com/spf13/cobra"
"opendev.org/airship/airshipctl/pkg/config"
)
const (
setEncryptionConfigLong = `
Create or modify an encryption config in the airshipctl config file.
Encryption configs are local files or kubernetes secrets that are used to encrypt and decrypt kubernetes objects
`
setEncryptionConfigExample = `
# Create an encryption config with local gpg key source
airshipctl config set-encryption-config exampleConfig \
--encryption-key path-to-encryption-key \
--decryption-key path-to-encryption-key
# Create an encryption config with kube api server secret as the store to store encryption keys
airshipctl config set-encryption-config exampleConfig \
--secret-name secretName \
--secret-namespace secretNamespace
`
)
// NewSetEncryptionConfigCommand creates a command for creating and modifying encryption
// configs in the airshipctl config file.
func NewSetEncryptionConfigCommand(cfgFactory config.Factory) *cobra.Command {
o := &config.EncryptionConfigOptions{}
cmd := &cobra.Command{
Use: "set-encryption-config NAME",
Short: "Manage encryption configs in airship config",
Long: setEncryptionConfigLong[1:],
Example: setEncryptionConfigExample,
Args: cobra.ExactArgs(1),
RunE: func(cmd *cobra.Command, args []string) error {
cfg, err := cfgFactory()
if err != nil {
return err
}
o.Name = args[0]
modified, err := config.RunSetEncryptionConfig(o, cfg, true)
if err != nil {
return err
}
if modified {
fmt.Fprintf(cmd.OutOrStdout(), "Encryption Config %q modified.\n", o.Name)
} else {
fmt.Fprintf(cmd.OutOrStdout(), "Encryption Config %q created.\n", o.Name)
}
return nil
},
}
addSetEncryptionConfigFlags(o, cmd)
return cmd
}
func addSetEncryptionConfigFlags(o *config.EncryptionConfigOptions, cmd *cobra.Command) {
flags := cmd.Flags()
flags.StringVar(
&o.EncryptionKeyPath,
"encryption-key-path",
"",
"the path to the encryption key file")
flags.StringVar(
&o.DecryptionKeyPath,
"decryption-key-path",
"",
"the path to the decryption key file")
flags.StringVar(
&o.KeySecretName,
"secret-name",
"",
"name of the secret consisting of the encryption and decryption keys")
flags.StringVar(
&o.KeySecretNamespace,
"secret-namespace",
"",
"namespace of the secret consisting of the encryption and decryption keys")
}

View File

@ -1,179 +0,0 @@
/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package config
import (
"fmt"
"strings"
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"opendev.org/airship/airshipctl/pkg/config"
"opendev.org/airship/airshipctl/testutil"
)
const (
encryptionConfigName = "encryptionConfig"
secretName = "secretName"
secretNamespace = "secretNamespace"
encryptionKeyFilePath = "/tmp/encryption.key"
decryptionKeyFilePath = "/tmp/decryption.pub"
)
func TestConfigSetEncryptionConfigurationCmd(t *testing.T) {
cmdTests := []*testutil.CmdTest{
{
Name: "config-cmd-set-encryption-config-with-help",
CmdLine: "--help",
Cmd: NewSetEncryptionConfigCommand(nil),
},
{
Name: "config-cmd-set-encryption-config-no-args",
CmdLine: "",
Cmd: NewSetEncryptionConfigCommand(nil),
Error: fmt.Errorf("accepts %d arg(s), received %d", 1, 0),
},
{
Name: "config-cmd-set-encryption-config-excess-args",
CmdLine: "arg1 arg2",
Cmd: NewSetEncryptionConfigCommand(nil),
Error: fmt.Errorf("accepts %d arg(s), received %d", 1, 2),
},
}
for _, tt := range cmdTests {
testutil.RunTest(t, tt)
}
}
func TestSetEncryptionConfig(t *testing.T) {
given, cleanupGiven := testutil.InitConfig(t)
defer cleanupGiven(t)
tests := []struct {
testName string
encryptionConfigName string
flags []string
inputConfig *config.Config
secretName string
secretNamespace string
encryptionKeyFilePath string
decryptionKeyFilePath string
error error
}{
{
testName: "set-encryption-config-error-no-encryption",
encryptionKeyFilePath: encryptionKeyFilePath,
decryptionKeyFilePath: decryptionKeyFilePath,
encryptionConfigName: encryptionConfigName,
flags: []string{
"--decryption-key-path " + decryptionKeyFilePath,
},
error: fmt.Errorf("specify both encryption " +
"and decryption keys when setting encryption config"),
inputConfig: given,
},
{
testName: "set-encryption-config-error-no-decryption",
flags: []string{
"--encryption-key-path " + encryptionKeyFilePath,
},
error: fmt.Errorf("you must specify both encryption " +
"and decryption keys when setting encryption config"),
encryptionConfigName: encryptionConfigName,
encryptionKeyFilePath: encryptionKeyFilePath,
decryptionKeyFilePath: decryptionKeyFilePath,
},
{
testName: "set-encryption-config-error-no-options",
encryptionConfigName: encryptionConfigName,
error: fmt.Errorf("you must specify both encryption " +
"and decryption keys when setting encryption config"),
inputConfig: given,
},
{
testName: "set-encryption-config",
encryptionConfigName: encryptionConfigName,
encryptionKeyFilePath: encryptionKeyFilePath,
decryptionKeyFilePath: decryptionKeyFilePath,
flags: []string{
"--decryption-key-path " + decryptionKeyFilePath,
"--encryption-key-path " + encryptionKeyFilePath,
},
inputConfig: given,
},
{
testName: "set-encryption-config-error-no-namespace",
encryptionConfigName: encryptionConfigName,
flags: []string{
"--secret-name " + secretName,
},
error: fmt.Errorf("you must specify both secret name and namespace" +
" when setting encryption config"),
},
{
testName: "set-encryption-config-error-no-secret-name",
encryptionConfigName: encryptionConfigName,
flags: []string{
"--secret-namespace " + secretNamespace,
},
error: fmt.Errorf("you must specify both secret name and namespace" +
" when setting encryption config"),
},
{
testName: "set-encryption-config",
encryptionConfigName: encryptionConfigName,
secretName: secretName,
secretNamespace: secretNamespace,
encryptionKeyFilePath: encryptionKeyFilePath,
decryptionKeyFilePath: decryptionKeyFilePath,
flags: []string{
"--secret-name " + secretName,
"--secret-namespace " + secretNamespace,
},
inputConfig: given,
},
}
for _, tt := range tests {
settings := func() (*config.Config, error) {
return tt.inputConfig, nil
}
cmd := &testutil.CmdTest{
Name: tt.testName,
CmdLine: fmt.Sprintf("%s %s", tt.encryptionConfigName, strings.Join(tt.flags, " ")),
Error: tt.error,
Cmd: NewSetEncryptionConfigCommand(settings),
}
testutil.RunTest(t, cmd)
if cmd.Error != nil {
return
}
afterRunConf := tt.inputConfig
// Find the Encryption Config Created or Modified
afterRunEncryptionConfig, _ := afterRunConf.EncryptionConfigs[tt.encryptionConfigName]
require.NotNil(t, afterRunEncryptionConfig)
assert.EqualValues(t, afterRunEncryptionConfig.KeySecretName, tt.secretName)
assert.EqualValues(t, afterRunEncryptionConfig.KeySecretNamespace, tt.secretNamespace)
assert.EqualValues(t, afterRunEncryptionConfig.EncryptionKeyPath, tt.encryptionKeyFilePath)
assert.EqualValues(t, afterRunEncryptionConfig.DecryptionKeyPath, tt.decryptionKeyFilePath)
}
}

View File

@ -5,13 +5,11 @@ Usage:
Available Commands: Available Commands:
get-context Get context information from the airshipctl config get-context Get context information from the airshipctl config
get-encryption-config Get an encryption config information from the airshipctl config
get-management-config View a management config or all management configs defined in the airshipctl config get-management-config View a management config or all management configs defined in the airshipctl config
get-manifest Get a manifest information from the airshipctl config get-manifest Get a manifest information from the airshipctl config
help Help about any command help Help about any command
init Generate initial configuration file for airshipctl init Generate initial configuration file for airshipctl
set-context Manage contexts set-context Manage contexts
set-encryption-config Manage encryption configs in airship config
set-management-config Modify an out-of-band management configuration set-management-config Modify an out-of-band management configuration
set-manifest Manage manifests in airship config set-manifest Manage manifests in airship config
use-context Switch to a different context use-context Switch to a different context

View File

@ -7,7 +7,6 @@ Examples:
# Create a new context named "exampleContext" # Create a new context named "exampleContext"
airshipctl config set-context exampleContext \ airshipctl config set-context exampleContext \
--manifest=exampleManifest \ --manifest=exampleManifest \
--encryption-config=exampleEncryptionConfig
# Update the manifest of the current-context # Update the manifest of the current-context
airshipctl config set-context \ airshipctl config set-context \
@ -16,8 +15,7 @@ airshipctl config set-context \
Flags: Flags:
--current update the current context --current update the current context
--encryption-config string set the encryption config for the specified context -h, --help help for set-context
-h, --help help for set-context --manifest string set the manifest for the specified context
--manifest string set the manifest for the specified context

View File

@ -8,7 +8,6 @@ Examples:
# Create a new context named "exampleContext" # Create a new context named "exampleContext"
airshipctl config set-context exampleContext \ airshipctl config set-context exampleContext \
--manifest=exampleManifest \ --manifest=exampleManifest \
--encryption-config=exampleEncryptionConfig
# Update the manifest of the current-context # Update the manifest of the current-context
airshipctl config set-context \ airshipctl config set-context \
@ -17,7 +16,6 @@ airshipctl config set-context \
Flags: Flags:
--current update the current context --current update the current context
--encryption-config string set the encryption config for the specified context -h, --help help for set-context
-h, --help help for set-context --manifest string set the manifest for the specified context
--manifest string set the manifest for the specified context

View File

@ -1,24 +0,0 @@
Error: accepts 1 arg(s), received 2
Usage:
set-encryption-config NAME [flags]
Examples:
# Create an encryption config with local gpg key source
airshipctl config set-encryption-config exampleConfig \
--encryption-key path-to-encryption-key \
--decryption-key path-to-encryption-key
# Create an encryption config with kube api server secret as the store to store encryption keys
airshipctl config set-encryption-config exampleConfig \
--secret-name secretName \
--secret-namespace secretNamespace
Flags:
--decryption-key-path string the path to the decryption key file
--encryption-key-path string the path to the encryption key file
-h, --help help for set-encryption-config
--secret-name string name of the secret consisting of the encryption and decryption keys
--secret-namespace string namespace of the secret consisting of the encryption and decryption keys

View File

@ -1,24 +0,0 @@
Error: accepts 1 arg(s), received 0
Usage:
set-encryption-config NAME [flags]
Examples:
# Create an encryption config with local gpg key source
airshipctl config set-encryption-config exampleConfig \
--encryption-key path-to-encryption-key \
--decryption-key path-to-encryption-key
# Create an encryption config with kube api server secret as the store to store encryption keys
airshipctl config set-encryption-config exampleConfig \
--secret-name secretName \
--secret-namespace secretNamespace
Flags:
--decryption-key-path string the path to the decryption key file
--encryption-key-path string the path to the encryption key file
-h, --help help for set-encryption-config
--secret-name string name of the secret consisting of the encryption and decryption keys
--secret-namespace string namespace of the secret consisting of the encryption and decryption keys

View File

@ -1,26 +0,0 @@
Create or modify an encryption config in the airshipctl config file.
Encryption configs are local files or kubernetes secrets that are used to encrypt and decrypt kubernetes objects
Usage:
set-encryption-config NAME [flags]
Examples:
# Create an encryption config with local gpg key source
airshipctl config set-encryption-config exampleConfig \
--encryption-key path-to-encryption-key \
--decryption-key path-to-encryption-key
# Create an encryption config with kube api server secret as the store to store encryption keys
airshipctl config set-encryption-config exampleConfig \
--secret-name secretName \
--secret-namespace secretNamespace
Flags:
--decryption-key-path string the path to the decryption key file
--encryption-key-path string the path to the encryption key file
-h, --help help for set-encryption-config
--secret-name string name of the secret consisting of the encryption and decryption keys
--secret-namespace string namespace of the secret consisting of the encryption and decryption keys

View File

@ -1,3 +0,0 @@
decryptionKeyPath: /tmp/decryption.pub
encryptionKeyPath: /tmp/encryption.key

View File

@ -1,3 +0,0 @@
decryptionKeyPath: /tmp/decryption.pub
encryptionKeyPath: /tmp/encryption.key

View File

@ -1,19 +0,0 @@
Error: Unknown encryption configuration 'Encryption Config with name 'foo''.
Usage:
get-encryption-config NAME [flags]
Aliases:
get-encryption-config, get-encryption-configs
Examples:
# List all the encryption configs airshipctl knows about
airshipctl config get-encryption-configs
# Display a specific encryption config
airshipctl config get-encryption-config exampleConfig
Flags:
-h, --help help for get-encryption-config

View File

@ -1,19 +0,0 @@
Display a specific encryption config information, or all defined encryption configs if no name is provided.
Usage:
get-encryption-config NAME [flags]
Aliases:
get-encryption-config, get-encryption-configs
Examples:
# List all the encryption configs airshipctl knows about
airshipctl config get-encryption-configs
# Display a specific encryption config
airshipctl config get-encryption-config exampleConfig
Flags:
-h, --help help for get-encryption-config

View File

@ -1,24 +0,0 @@
Error: specify both encryption and decryption keys when setting encryption config
Usage:
set-encryption-config NAME [flags]
Examples:
# Create an encryption config with local gpg key source
airshipctl config set-encryption-config exampleConfig \
--encryption-key path-to-encryption-key \
--decryption-key path-to-encryption-key
# Create an encryption config with kube api server secret as the store to store encryption keys
airshipctl config set-encryption-config exampleConfig \
--secret-name secretName \
--secret-namespace secretNamespace
Flags:
--decryption-key-path string the path to the decryption key file
--encryption-key-path string the path to the encryption key file
-h, --help help for set-encryption-config
--secret-name string name of the secret consisting of the encryption and decryption keys
--secret-namespace string namespace of the secret consisting of the encryption and decryption keys

View File

@ -23,12 +23,10 @@ Manage the airshipctl config file
* [airshipctl](airshipctl.md) - A unified entrypoint to various airship components * [airshipctl](airshipctl.md) - A unified entrypoint to various airship components
* [airshipctl config get-context](airshipctl_config_get-context.md) - Get context information from the airshipctl config * [airshipctl config get-context](airshipctl_config_get-context.md) - Get context information from the airshipctl config
* [airshipctl config get-encryption-config](airshipctl_config_get-encryption-config.md) - Get an encryption config information from the airshipctl config
* [airshipctl config get-management-config](airshipctl_config_get-management-config.md) - View a management config or all management configs defined in the airshipctl config * [airshipctl config get-management-config](airshipctl_config_get-management-config.md) - View a management config or all management configs defined in the airshipctl config
* [airshipctl config get-manifest](airshipctl_config_get-manifest.md) - Get a manifest information from the airshipctl config * [airshipctl config get-manifest](airshipctl_config_get-manifest.md) - Get a manifest information from the airshipctl config
* [airshipctl config init](airshipctl_config_init.md) - Generate initial configuration file for airshipctl * [airshipctl config init](airshipctl_config_init.md) - Generate initial configuration file for airshipctl
* [airshipctl config set-context](airshipctl_config_set-context.md) - Manage contexts * [airshipctl config set-context](airshipctl_config_set-context.md) - Manage contexts
* [airshipctl config set-encryption-config](airshipctl_config_set-encryption-config.md) - Manage encryption configs in airship config
* [airshipctl config set-management-config](airshipctl_config_set-management-config.md) - Modify an out-of-band management configuration * [airshipctl config set-management-config](airshipctl_config_set-management-config.md) - Modify an out-of-band management configuration
* [airshipctl config set-manifest](airshipctl_config_set-manifest.md) - Manage manifests in airship config * [airshipctl config set-manifest](airshipctl_config_set-manifest.md) - Manage manifests in airship config
* [airshipctl config use-context](airshipctl_config_use-context.md) - Switch to a different context * [airshipctl config use-context](airshipctl_config_use-context.md) - Switch to a different context

View File

@ -1,42 +0,0 @@
## airshipctl config get-encryption-config
Get an encryption config information from the airshipctl config
### Synopsis
Display a specific encryption config information, or all defined encryption configs if no name is provided.
```
airshipctl config get-encryption-config NAME [flags]
```
### Examples
```
# List all the encryption configs airshipctl knows about
airshipctl config get-encryption-configs
# Display a specific encryption config
airshipctl config get-encryption-config exampleConfig
```
### Options
```
-h, --help help for get-encryption-config
```
### Options inherited from parent commands
```
--airshipconf string Path to file for airshipctl configuration. (default "$HOME/.airship/config")
--debug enable verbose output
```
### SEE ALSO
* [airshipctl config](airshipctl_config.md) - Manage the airshipctl config file

View File

@ -18,7 +18,6 @@ airshipctl config set-context NAME [flags]
# Create a new context named "exampleContext" # Create a new context named "exampleContext"
airshipctl config set-context exampleContext \ airshipctl config set-context exampleContext \
--manifest=exampleManifest \ --manifest=exampleManifest \
--encryption-config=exampleEncryptionConfig
# Update the manifest of the current-context # Update the manifest of the current-context
airshipctl config set-context \ airshipctl config set-context \
@ -30,10 +29,9 @@ airshipctl config set-context \
### Options ### Options
``` ```
--current update the current context --current update the current context
--encryption-config string set the encryption config for the specified context -h, --help help for set-context
-h, --help help for set-context --manifest string set the manifest for the specified context
--manifest string set the manifest for the specified context
``` ```
### Options inherited from parent commands ### Options inherited from parent commands

View File

@ -1,52 +0,0 @@
## airshipctl config set-encryption-config
Manage encryption configs in airship config
### Synopsis
Create or modify an encryption config in the airshipctl config file.
Encryption configs are local files or kubernetes secrets that are used to encrypt and decrypt kubernetes objects
```
airshipctl config set-encryption-config NAME [flags]
```
### Examples
```
# Create an encryption config with local gpg key source
airshipctl config set-encryption-config exampleConfig \
--encryption-key path-to-encryption-key \
--decryption-key path-to-encryption-key
# Create an encryption config with kube api server secret as the store to store encryption keys
airshipctl config set-encryption-config exampleConfig \
--secret-name secretName \
--secret-namespace secretNamespace
```
### Options
```
--decryption-key-path string the path to the decryption key file
--encryption-key-path string the path to the encryption key file
-h, --help help for set-encryption-config
--secret-name string name of the secret consisting of the encryption and decryption keys
--secret-namespace string namespace of the secret consisting of the encryption and decryption keys
```
### Options inherited from parent commands
```
--airshipconf string Path to file for airshipctl configuration. (default "$HOME/.airship/config")
--debug enable verbose output
```
### SEE ALSO
* [airshipctl config](airshipctl_config.md) - Manage the airshipctl config file

View File

@ -28,5 +28,5 @@ such as getting list and applying specific one.
* [airshipctl phase render](airshipctl_phase_render.md) - Render phase documents from model * [airshipctl phase render](airshipctl_phase_render.md) - Render phase documents from model
* [airshipctl phase run](airshipctl_phase_run.md) - Run phase * [airshipctl phase run](airshipctl_phase_run.md) - Run phase
* [airshipctl phase tree](airshipctl_phase_tree.md) - Tree view of kustomize entrypoints of phase * [airshipctl phase tree](airshipctl_phase_tree.md) - Tree view of kustomize entrypoints of phase
* [airshipctl phase validate](airshipctl_phase_validate.md) - Validate phase * [airshipctl phase validate](airshipctl_phase_validate.md) - Assert that a phase is valid

View File

@ -4,7 +4,8 @@ Assert that a phase is valid
### Synopsis ### Synopsis
Command which would validate that the phase contains the required documents to run the phase Command which would validate that the phase contains the required documents to run the phase.
``` ```
airshipctl phase validate PHASE_NAME [flags] airshipctl phase validate PHASE_NAME [flags]
@ -22,7 +23,7 @@ airshipctl phase validate initinfra
### Options ### Options
``` ```
-h, --help help for run -h, --help help for validate
``` ```
### Options inherited from parent commands ### Options inherited from parent commands