Kubernetes: modify a secret using kubectl?

Question

How can I modify the values in a Kubernetes secret using kubectl?

I created the secret with kubernetes create secret generic, but t

Answer 1

The Easy Way : Delete and recreate the secret

After looking at all these answers, for my needs the best solution was to delete and recreate :

kubectl delete secret generic
kubectl create secret generic # or whatever .. 

---

If you want to do it the hard way :

Using edit to change a docker-registry secret

I came to this question looking to modify a "docker-registry" style secret.
Simply editing it using kubectl edit secret seemed fraught as I didn't know what the secret value looked like.

I had created it with a command like kubectl create secret docker-registry generic-registry-secret --docker-server=docker.server --docker-username='my-cloud-usernname' --docker-password='my-auth-token' --docker-email='my@email.com'

I could have edited it, I figured out after looking at the other various answers here how that could be done - I'm including my notes here in case they help others.

List secrets : kubectl get secrets
Details of specific secret : kubectl describe secrets/generic-registry-secret
Get value of secret : kubectl get secret generic-registry-secret -o jsonpath={.data}
Decode secret value : First get everything between "map[.dockerconfigjson:" and "]" and then do :
echo "x9ey_the_secret_encoded_value_here_X0b3=" | base64 --decode

I could then take from that the specific auth token value I was seeking, and replace it with a new one. And then run that new full entire string through a | base 64 to get the base 64 encoding, and now I could finally, confidently, change the value by using kubectl edit secret generic-registry-secret and put in the new correct value.

But a delete and recreate is the simpler option.

---

References :

• https://kubernetes.io/docs/concepts/configuration/secret/
• https://kubernetes.io/docs/tasks/configmap-secret/managing-secret-using-kubectl/