Skip to content
/ shhh Public

A CLI tool to decode base64-encoded Kubernetes secrets.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

itsrishub/shhh

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
.github/workflows
.github/workflows
 
 
assets
assets
 
 
src
src
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
README.md
README.md
 
 
install.sh
install.sh
 
 
justfile
justfile
 
 

Repository files navigation

shhh

A CLI tool to decode base64-encoded Kubernetes secrets.

screenshot

Installation

curl -fsSL https://raw.githubusercontent.com/itsrishub/shhh/main/install.sh | sudo bash

Build from source

cargo build --release
sudo cp target/release/shhh /usr/local/bin/

Or use the included build script:

chmod +x build.sh
./build.sh

Usage

Pipe the YAML output of kubectl get secret to shhh:

kubectl get secret <secret-name> -o yaml | shhh

Example

$ kubectl get secret my-credentials -o yaml | shhh
apiVersion: v1
kind: Secret
metadata:
  name: my-credentials
  namespace: default
type: Opaque
data:
  username: admin
  password: supersecret123

The tool preserves the original YAML structure and decodes all base64 values in the data section inline.

Error Handling

The tool validates input and provides helpful error messages:

  • Running without piped input shows usage instructions
  • Non-secret YAML input is rejected with an error
  • Secrets without a data section are flagged

Requirements

  • Rust (for building)
  • kubectl (for fetching secrets)

About

A CLI tool to decode base64-encoded Kubernetes secrets.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 1

v1.0.0 Latest
Feb 15, 2026

Packages

No packages published

Languages