Enhancement: Please pass raw certificate in json output of step certificate inspect #1609
Description
Hello!
- Vote on this issue by adding a 👍 reaction
- If you want to implement this feature, comment to let us know (we'll work with you on design, scheduling, etc.)
Issue details
We have Tekton pipelines that filter our certs and CAs based on security criteria and distributes them via AWS/S3, Vault, etc. Our current process uses a combination of awk to parse the certs and then process them though step certificate inspect | jq ... to traffic cop the certs to their destinations. We'd could reduce our scripts/processes to one line invocations of step and jq to validate the input certs (in pem format in our case) filter via jq, and then to create one or more output files IF the pem formated cert was available in the json output.
Why is this needed?
- Simplify our pipelines
- Less chance for error
- Greater ability to filter certs based on all of the possible criteria from a parsed cert (key length, expiration date, usages, etc)
Step certificate inspect is our Swiss Army knife for deploying certs and verifying the endpoints after deployment.