b7dd46c4e6
This patchset introduces airshipctl command - airshipctl cluster rotate-sa-token which basically rotates SA tokens Previous work: https://review.opendev.org/#/c/749470/ Change-Id: Ibe932fa8d2831979e5b2ac2781f746e8ec2fdc3c
25 lines
943 B
Plaintext
25 lines
943 B
Plaintext
Use to reset/rotate the Service Account(SA) tokens and additionally restart the
|
|
corresponding pods to get the latest token data reflected in the pod spec
|
|
|
|
Secret-namespace is a mandatory field and secret-name is optional. If secret-
|
|
name is not given, all the SA tokens in that particular namespace is considered,
|
|
else only that particular input secret-name
|
|
|
|
Usage:
|
|
rotate-sa-token [flags]
|
|
|
|
Examples:
|
|
|
|
# To rotate a particular SA token
|
|
airshipctl cluster rotate-sa-token -n cert-manager -s cert-manager-token-vvn9p
|
|
|
|
# To rotate all the SA tokens in cert-manager namespace
|
|
airshipctl cluster rotate-sa-token -n cert-manager
|
|
|
|
|
|
Flags:
|
|
-h, --help help for rotate-sa-token
|
|
--kubeconfig string Path to kubeconfig associated with cluster being managed
|
|
-s, --secret-name string name of the secret containing Service Account Token
|
|
-n, --secret-namespace string namespace of the Service Account Token
|