ccli

Command Line Client for Cryptopus

Installation

gem install ccli

This will install the cry command including its dependencies

Features

• Fetch encryptable data from Cryptopus
• List accessable teams in Cryptopus
• Sync Openshift/Kubernetes Secrets to Cryptopus
• Sync Secrets from Cryptopus to Openshift/Kubernetes

Usage

Receiving the login token from Cryptopus

Commands

  Command:           Summary:

  encryptable            Fetches an encryptable by the given id
  folder             Selects the Cryptopus folder by id
  help               Display global or [command] help documentation
  k8s-secret-pull    Pulls secret from Kubectl to Cryptopus
  k8s-secret-push    Pushes secret from Cryptopus to Kubectl
  login              Logs in to the ccli
  logout             Logs out of the ccli
  ose-secret-pull    Pulls secret from Openshift to Cryptopus
  ose-secret-push    Pushes secret from Cryptopus to Openshift
  teams              Lists all available teams
  use                Select the current folder

Show more specific documentation by calling cry help <command>

Account

Logging in

Use the ccli login copy button from the UI or do it manually:

user=<my-user>
token=<my-token>
url=https://cryptopus.example.com

cry login $(echo -n "$user:$token" | base64)@$url

Retrieving

To retreive encryptable data as yaml:

cry encryptable 42 > encryptable.yaml

Retreiving encryptable's password and assign it to a variable:

PASSWORD=$(cry encryptable 42 --password)

Updating

not supported yet by ccli

Kubernetes/Openshift

Required tools

First you'll have to install either oc or kubectl depending on your usage

Pulling Kubernetes / Openshift Secrets

when using the command {ose|k8s}-secret-pull after beeing logged in to a k8s/ose project, all secrets labeled with cryptopus-sync=true are backed up to cryptopus.

to label a specific secret do:

oc: oc label secret <secret-name> cryptopus-sync=true

kubectl: kubectl label secret <secret-name> cryptopus-sync=true

Restored secrets by {ose|k8s}-secret-push are labeled automatically.

Development

Prerequisites

You will need the following things properly installed on your computer:

• Git (Version Control System)
• RVM (Ruby Version Manager)

Setup

• rvm install 2.6.0
• gem install bundler
• bundle install

Running tests

bundle exec rspec