OpenShift - Display secret content using the oc secrets command

If you are not familiar with the oc command, refer to OpenShift - Getting Started with the oc command.

There are different ways to configure a container with environment variables.

A config map contains files, variables, and command line options that can be used by one or more applications, as a way to create separation between applications and the files, variables, and command line options being used by the applications.

Or, a secret can be used, so that the data is encoded (not encrypted).

For example, a config map could contain the variable foo=Hello or a secret could contain foo=V29ybGQ= (which is Hello base 64 encoded), and then one or more pods could use the config map or secret to return Hello from the foo key.

Let's say you create a secret named "mysecret" that contains the key "foo" and value "bar".

oc create secret generic mysecret --from-literal=foo="bar"


The oc get secrets command should show that the secret exists.

~]$ oc get secrets
NAME                        TYPE                                  DATA   AGE
mysecret                    Opaque                                1      3m11s


The --output yaml or --output json options can be used to display the YAML or JSON details of the secret. Notice that the "foo" key contains "YmFy" instead of "bar". This is normal, because the secret value is base64 encoded.

~]$ oc get secrets mysecret --output yaml
apiVersion: v1
  foo: YmFy
kind: Secret
  creationTimestamp: "2021-11-18T07:12:09Z"
  name: mysecret
  namespace: default
  resourceVersion: "448072461"
  uid: 4104a646-84e2-46c3-bd59-408e2f7ee807
type: Opaque


On a Linux system, the base64 command can be used to decode the value.

~]# echo YmFy | base64 --decode


Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee

Add a Comment

We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.

Please enter 63225 in the box below so that we can be sure you are a human.


Web design by yours truely - me, myself, and I   |   |