oidc-key-manager

CLI to manage secret keys required by oidc-gateway

Usage
Commands

Usage

$ npm install -g @codemowers/oidc-key-manager
$ key-manager COMMAND
running command...
$ key-manager (--version)
@codemowers/oidc-key-manager/1.1.2 linux-x64 node-v22.20.0
$ key-manager --help [COMMAND]
USAGE
  $ key-manager COMMAND
...

Commands

key-manager initialize
key-manager rotate

`key-manager initialize`

Initialize the secret with initial keys

USAGE
  $ key-manager initialize -c local|cluster [--json] [-n <value>] [-s <value>] [-l <value>] [--recreate]

FLAGS
  -c, --config=<option>             (required) use local or in-cluster Kubernetes config
                                    <options: local|cluster>
  -l, --additionalLabel=<value>...  Add custom Kubernetes label (may be repeated)
  -n, --namespace=<value>           namespace, defaults to current namespace if service account is used
  -s, --secret=<value>              [default: oidc-keys] secret name
      --recreate                    recreate the secret if it exists

GLOBAL FLAGS
  --json  Format output as json.

DESCRIPTION
  Initialize the secret with initial keys

EXAMPLES
  $ key-manager initialize

  $ key-manager initialize

  $ key-manager initialize -n <kube namespace> -s <secret name>

  $ key-manager initialize --namespace <kube namespace> --secret <secret name> --recreate

  $ key-manager initialize --additional-label "app.kubernetes.io/instance: passmower"

See code: src/commands/initialize.ts

`key-manager rotate`

Append new JWK|cookie key|both and rotate the array, optionally restarting the deployment

USAGE
  $ key-manager rotate -c local|cluster [-n <value>] [-s <value>] [-l <value>] [--both] [--jwks]
    [--cookie-keys] [--max-number-of-jwks <value>] [--max-number-of-cookie-keys <value>] [--restart-deployment-backoff
    <value> --restart-deployment <value>]

FLAGS
  -c, --config=<option>                     (required) use local or in-cluster Kubernetes config
                                            <options: local|cluster>
  -l, --additionalLabel=<value>...          Add custom Kubernetes label (may be repeated)
  -n, --namespace=<value>                   namespace, defaults to current namespace if service account is used
  -s, --secret=<value>                      [default: oidc-keys] secret name
      --both                                rotate both JWKs and cookie keys
      --cookie-keys                         rotate cookie keys
      --jwks                                rotate JWKs
      --max-number-of-cookie-keys=<value>   [default: 3]
      --max-number-of-jwks=<value>          [default: 3]
      --restart-deployment=<value>          Kubernetes deployment name to restart while rotating
      --restart-deployment-backoff=<value>  [default: 60] Seconds to wait for deployment to restart

DESCRIPTION
  Append new JWK|cookie key|both and rotate the array, optionally restarting the deployment

EXAMPLES
  $ key-manager rotate

See code: src/commands/rotate.ts

Name		Name	Last commit message	Last commit date
Latest commit History 44 Commits
.github		.github
bin		bin
src		src
test		test
.editorconfig		.editorconfig
.eslintignore		.eslintignore
.eslintrc		.eslintrc
.gitignore		.gitignore
.mocharc.json		.mocharc.json
LICENCE		LICENCE
README.md		README.md
package.json		package.json
tsconfig.json		tsconfig.json
yarn.lock		yarn.lock

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

oidc-key-manager

Usage

Commands

`key-manager initialize`

`key-manager rotate`

About

Uh oh!

Releases

Packages

Uh oh!

Contributors 3

Uh oh!

Languages

License

codemowers/oidc-key-manager

Folders and files

Latest commit

History

Repository files navigation

oidc-key-manager

Usage

Commands

key-manager initialize

key-manager rotate

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors 3

Uh oh!

Languages

`key-manager initialize`

`key-manager rotate`

Packages