minikube secret 작업

https://kubernetes.io/ko/docs/tasks/configmap-secret/managing-secret-using-kubectl/

kubectl을 사용한 시크릿(Secret) 관리

# 목록 조회
kubectl get secret -A

# 내용 보기
kubectl describe secret {secret 이름} -n {namespace}
----------------------------
Name:         bootstrap-token-abcdef
Namespace:    {namespace}
Labels:       <none>
Annotations:  <none>

Type:  bootstrap.kubernetes.io/token

Data
====
auth-extra-groups:               47 bytes
expiration:                      20 bytes
token-id:                        6 bytes
token-secret:                    16 bytes
usage-bootstrap-authentication:  4 bytes
usage-bootstrap-signing:         4 bytes
----------------------------

# Data 내용 보기
# base64 encode된 데이터가 보임
kubectl get secret {secret 이름} -n {namespace} -o yaml
----------------------------
apiVersion: v1
data:
  auth-extra-groups: xxx
  expiration: xxx
  token-id: xxx
  token-secret: xxx
  usage-bootstrap-authentication: xxx
  usage-bootstrap-signing: xxx
kind: Secret
metadata:
  creationTimestamp: "2024-02-18T13:29:40Z"
  name: bootstrap-token-abcdef
  namespace: {namespace}
  resourceVersion: "1772212"
  uid: xxx
type: bootstrap.kubernetes.io/token
----------------------------

# auth-extra-groups 내용 확인
kubectl get secret  {secret 이름} -o jsonpath='{.data.auth-extra-groups}' -n {namespace} | base64 --decode

# auth-extra-groups 내용 만들기
echo -n {group}:{user} | base64

# auth-extra-groups 내용 수정
# wq!로 나옴
kubectl edit secret {secret 이름} -n {namespace}
----------------------------
apiVersion: v1
data:
  auth-extra-groups: {생성한 내용}
  expiration: xxx
  token-id: xxx
  token-secret: xxx
  usage-bootstrap-authentication: xxx
  usage-bootstrap-signing: xxx
kind: Secret
metadata:
  creationTimestamp: "2024-02-18T13:29:40Z"
  name: bootstrap-token-abcdef
  namespace: {namespace}
  resourceVersion: "1772212"
  uid: xxx
type: bootstrap.kubernetes.io/token
----------------------------

auth-extra-groups 변경내용이 반영은 되는데, 권한에 영향을 주지는 않는 것 같음

kubeadm에서 변경해야 할 것 같음