Souheil-Yazji · June 30, 2023 18:48
diff --git a/decode_secrets.sh b/decode_secrets.sh
 #!/bin/bash

 #  ██     ██  █████  ██████  ███    ██ ██ ███    ██  ██████  
 #  ██     ██ ██   ██ ██   ██ ████   ██ ██ ████   ██ ██       
 #  ██  █  ██ ███████ ██████  ██ ██  ██ ██ ██ ██  ██ ██   ███ 
 #  ██ ███ ██ ██   ██ ██   ██ ██  ██ ██ ██ ██  ██ ██ ██    ██ 
 #   ███ ███  ██   ██ ██   ██ ██   ████ ██ ██   ████  ██████  
 #                                                            
 #                                                            
 # This will print SECRETS as PLAIN TEXT to your terminal.
 # 
 # Requires kubectl and jq
 # Run `chmod +x decode_secrets.sh` to grant execute permission
 # 

 # Get the names of all secrets in the cluster
 secret_names=$(kubectl get secrets --all-namespaces -o jsonpath='{range .items[*]}{.metadata.namespace}/{.metadata.name}{"\n"}{end}')

 # Loop through each secret and decode the data
 for secret_name in $secret_names; do
    namespace=$(echo "$secret_name" | cut -d'/' -f1)
    secret=$(echo "$secret_name" | cut -d'/' -f2)
    echo "Decoding secret: $secret in namespace: $namespace"

    # Get the secret manifest
    secret_manifest=$(kubectl get secret "$secret" -n "$namespace" -o json)

    # Extract the data field from the secret manifest
    data=$(echo "$secret_manifest" | jq -r '.data')

    # Loop through each data field and decode the values
    for key in $(echo "$data" | jq -r 'keys[]'); do
        encoded_value=$(echo "$data" | jq -r --arg key "$key" '.[$key]')
        decoded_value=$(echo "$encoded_value" | base64 --decode)

        echo "Key: $key"
        echo "Decoded Value: $decoded_value"
        echo
    done

    echo "-----------------------------------------"
 done
	#!/bin/bash

	# ██ ██ █████ ██████ ███ ██ ██ ███ ██ ██████
	# ██ ██ ██ ██ ██ ██ ████ ██ ██ ████ ██ ██
	# ██ █ ██ ███████ ██████ ██ ██ ██ ██ ██ ██ ██ ██ ███
	# ██ ███ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
	# ███ ███ ██ ██ ██ ██ ██ ████ ██ ██ ████ ██████
	#
	#
	# This will print SECRETS as PLAIN TEXT to your terminal.
	#
	# Requires kubectl and jq
	# Run `chmod +x decode_secrets.sh` to grant execute permission
	#

	# Get the names of all secrets in the cluster
	secret_names=$(kubectl get secrets --all-namespaces -o jsonpath='{range .items[*]}{.metadata.namespace}/{.metadata.name}{"\n"}{end}')

	# Loop through each secret and decode the data
	for secret_name in $secret_names; do
	namespace=$(echo "$secret_name" \| cut -d'/' -f1)
	secret=$(echo "$secret_name" \| cut -d'/' -f2)
	echo "Decoding secret: $secret in namespace: $namespace"

	# Get the secret manifest
	secret_manifest=$(kubectl get secret "$secret" -n "$namespace" -o json)

	# Extract the data field from the secret manifest
	data=$(echo "$secret_manifest" \| jq -r '.data')

	# Loop through each data field and decode the values
	for key in $(echo "$data" \| jq -r 'keys[]'); do
	encoded_value=$(echo "$data" \| jq -r --arg key "$key" '.[$key]')
	decoded_value=$(echo "$encoded_value" \| base64 --decode)

	echo "Key: $key"
	echo "Decoded Value: $decoded_value"
	echo
	done

	echo "-----------------------------------------"
	done