DEVELOPERS DOCS
- Home
- Keboola Overview
-
Extending Keboola
- Components
- Generic Extractor
- Generic Writer
- Common Interface
- Docker Runner
- Publishing Component
- Integration
- Automation/Common Tasks
- CLI
Encrypt Command
Encrypt all unencrypted secrets in the local directory.
kbc local encrypt [flags]
Or shorter:
kbc e [flags]
Unencrypted secrets are values of properties prefixed by # that have not been encrypted
yet.
For example, {"#someSecretProperty": "secret value"}
will be transformed into {"#someSecretProperty": "KBC::ProjectSecure::<encryptedcontent>"}.
Options
--dry-run- Preview all values that would be affected
Examples
Let’s say you create a configuration for the MySQL extractor:
{
"parameters": {
"host": "our.mysql.server.dev",
"user": "keboola",
"#password": "super-secret"
}
}
The preview will look like this:
➜ kbc encrypt --dry-run
Plan for "encrypt" operation:
C main/extractor/keboola.ex-db-mysql/invoices
parameters.#password
Dry run, nothing changed.
The actual encrypt command:
➜ kbc encrypt
Plan for "encrypt" operation:
C main/extractor/keboola.ex-db-mysql/invoices
parameters.#password
Encrypt done.
And the configuration now looks like this:
{
"parameters": {
"host": "our.mysql.server.dev",
"user": "keboola",
"#password": "KBC::ProjectSecureKV::eJxLtDK2qs60MrIutrI0s1K695WJQWmhYOI9j2l/twSJl0/nsf6auv/Fs7n5VWvj+tbwvtyz/PSh30Jz8/Y2B0QyPDwteXK/3d7GN55b/y3rK+BbXLF1ne5sg6/Lja/vfzlT4TbvXfkFIuHL9DU0knh8yvedF0lXss60MgbaZQS0Kz01Tzc1L7mosqAkv8jM0NIgzdTU0NQw1cACpMoEqMrYyEop1cjM0DjZzNzE0tLYxNTQMtEw0dLYKCnN0sDS1DjV3EzJuhYAzUBL0A=="
}
}
Next Steps
© 2024 Keboola