jx-secret is a small command line tool working with Kubernetes External Secrets.
You can find more about how we use the jx-secret binary binary inside Jenkins X in the guide on working with Secrets
Download the jx-secret binary for your operating system and add it to your $PATH.
See the jx-secret command reference for the available commands
To improve the UX around editing Secrets via jx secret edit or populating initial or generated secrets on first install via jx secret populate we use a Schema definition (similar to JSON Schema) which allows you to provide better validation and configuration for default values and the generator to be used.
For details of the schema configuration see Schema.
The schema files are usually detected for charts via the version stream at versionStream/charts/$repoName/$chartName/secret-schema.yaml
If you are adding your own charts and want your own secret schemas outside of the version stream then you can place them at: charts/$repoName/$chartName/secret-schema.yaml.
Though we would welcome contributions to the version stream so that we can add common secret schemas for popular helm charts so that they just work OOTB with external secrets.
When using the jx-secret convert command to generate ExternalSecret CRDs you may wish to use a custom mapping of Secret names and data keys to key/properties in Vault.
To do this just create a .jx/secret/mapping/secret-mapping.yaml file in your directory tree when running the command.
You can then customise the key and/or property values that are used in the generated ExternalSecret CRDs
For more details see the Mapping Configuration Reference
See the jx-secret command reference
The configuration file formats and schema references are here: