#!/bin/bash
# Add a secret to berglas from stdin.
#
# The stdin stream should be a kubernetes secret file formatted as YAML.
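# Usage: <script> <cluster-name> <secret-name>   (secret YAML is read from stdin)
#
# Stores stdin, base64-encoded, at ${BUCKET_ID}/<cluster-name>/<secret-name>
# with `berglas update`, then runs `berglas grant` on the same path.
# BUCKET_ID, KEY and ACCESS_CONTROL are not set in this script; they are
# expected to be defined by config.sh, which is sourced from the script's
# own directory.
#
# The secret is passed over stdin rather than as an argument, so it does not
# appear in the command line of any process started here.
if [[ $# -ne 2 ]]; then
  printf '%s <cluster-name> <secret-name>\n' "$0" >&2
  exit 1
fi
CLUSTER=$1
SECRET_NAME=$2

# Both arguments become components of the storage path. An empty value or one
# containing "/" would silently address a different object than the caller
# named, so reject those before anything is written.
for component in "${CLUSTER}" "${SECRET_NAME}"; do
  case "${component}" in
    '' | */*)
      printf '%s: cluster and secret names must be non-empty and must not contain "/"\n' "$0" >&2
      exit 1
      ;;
  esac
done

REL=$(dirname "$0")
# shellcheck source=/dev/null
source "${REL}/config.sh" || {
  printf '%s: cannot load %s/config.sh\n' "$0" "${REL}" >&2
  exit 1
}

# Fail early with a clear message if the configuration is incomplete, instead
# of calling berglas with an empty bucket, key or grant list.
: "${BUCKET_ID:?must be set by config.sh}"
: "${KEY:?must be set by config.sh}"
: "${ACCESS_CONTROL:?must be set by config.sh}"

SECRET_PATH="${BUCKET_ID}/${CLUSTER}/${SECRET_NAME}"

# Without pipefail only the exit status of the last pipeline stage is seen,
# so a failing base64 or awk would go unnoticed.
set -o pipefail

# berglas only understands a single line, so we base64 encode the whole file,
# and then use awk to add a single newline to the end of the base64, which
# berglas also needs.
if ! base64 --wrap=0 \
  | awk '{ print $0 }' \
  | berglas update "${SECRET_PATH}" - --create-if-missing --key "${KEY}"; then
  # Do not go on to grant access to a secret that was not stored.
  printf '%s: failed to store %s; access not granted\n' "$0" "${SECRET_PATH}" >&2
  exit 1
fi

# ACCESS_CONTROL is left unquoted on purpose so that a value holding several
# words is split into separate arguments.
# NOTE(review): presumably it holds the grant flags and members defined in
# config.sh; confirm there, and keep that file writable only by trusted users
# since it decides who can read every secret stored with this script.
# shellcheck disable=SC2086
berglas grant "${SECRET_PATH}" ${ACCESS_CONTROL}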