cdsctl encrypt

Encrypt variable into your CDS project

Synopsis

To be able to write secret in the CDS yaml files, you have to encrypt data with the project GPG key.

Create a secret variable:

$ cdsctl encrypt MYPROJECT my-data my-super-secret-value
my-data: 01234567890987654321

The command returns the value: 01234567890987654321. You can use this value in a configuration file.

Example of use case: Import an environment with a secret.

Create an environment file to import :

$ cat << EOF > your-environment.yml
name: your-environment
values:
a-readable-variable:
    type: string
    value: value
my-data:
    type: password
    value: 01234567890987654321
EOF

Then, import then environment:

cdsctl environment import MYPROJECT your-environment.yml

Or push your workflow

cdsctl workflow push MYPROJECT *.yml

cdsctl encrypt [ PROJECT-KEY ] VARIABLE-NAME [SECRET-VALUE]

Examples

cdsctl encrypt MYPROJECT my-data my-super-secret-value
my-data: 01234567890987654321

Options inherited from parent commands

  -c, --context string   cdsctl context name
  -f, --file string      set configuration file
      --insecure         (SSL) This option explicitly allows curl to perform "insecure" SSL connections and transfers.
  -n, --no-interactive   Set to disable interaction with ctl
      --verbose          Enable verbose output

SEE ALSO

• cdsctl - CDS Command line utility
• cdsctl encrypt delete - Delete the given encrypted variable of your CDS project
• cdsctl encrypt list - List all the encrypted variable of your CDS project