Hexor/k8s-secrets

mirror of https://github.com/house-of-vanity/k8s-secrets.git synced 2026-02-04 01:37:57 +00:00

Go to file

Alexandr Bogomyakov e48a55c19e Update README.md

2025-12-29 02:50:43 +00:00

.github/workflows

Added query params to get values in plain text

2025-09-15 14:57:28 +03:00

Move kubernetes manifests to folder

2025-12-24 03:02:53 +00:00

Added webhook support

2025-12-29 02:06:23 +00:00

Added webhook support

2025-12-29 02:06:23 +00:00

.gitignore

first commit

2025-09-03 16:32:44 +03:00

Cargo.lock

Added webhook support

2025-12-29 02:06:23 +00:00

Cargo.toml

Added webhook support

2025-12-29 02:06:23 +00:00

Dockerfile

first commit

2025-09-03 16:32:44 +03:00

Dockerfile.prebuilt

Added query params to get values in plain text

2025-09-15 14:57:28 +03:00

README.md

Update README.md

2025-12-29 02:50:43 +00:00

README.md

Secret Reader

Kubernetes secret viewer with TOTP support.

Features

View Kubernetes secrets in web UI
Auto-generate TOTP codes from otpauth:// URLs
Copy values with one click
Show secrets sent via /webhook endpoint in json like {"name":"Login Code","fields":{"Code":"12345678","another field":"some content"}}

Deploy

kubectl apply -f service-account.yaml
kubectl apply -f rbac.yaml
kubectl apply -f deployment.yaml
kubectl apply -f service.yaml

Security

⚠️ The service has no built-in authentication. Use a proxy for auth (nginx, oauth2-proxy, etc).

Configuration

Edit deployment.yaml to specify which secrets to display:

args:
  - "--secrets"
  - "secret1,secret2"
  - "--namespace"
  - "k8s-secrets"

API Usage

# Get secret field as plaintext
curl "http://localhost:3000/secret?name=my-secret&field=password"