Zarf CLI should easily show Git and Registry credentials

[runyontr]

When looking to debug a deployment after doing a zarf init, if I didn't save the login credentials that get spit out durin gthe init phase, I can't find a clean way to discover the credentials. This is how I've been finding it:

k get secrets -n zarf zarf-state -o jsonpath="{ .data.state }" | base64 --decode | jq -r .

it would be nice if there were a zarf cli command to extract either the full secret, or at least the credentials that were returned as part of the init phase

[jtaylor-afs]

I am still on an older Zarf, but from what I can tell, the stored secrets did not have all of the credentials. I think notably, either the git or registry read/write user were not published as a secret.

Just wanted to ask the question to see if this mechanism would encompass all creds.

[Racer159]

@jtaylor-afs yep, in newer versions of Zarf all credentials are stored in the zarf state. Here is an example of the output from the commend @runyontr posted from a local dev run (keys have been rotated):

{
  "zarfAppliance": false,
  "distro": "k3d",
  "architecture": "amd64",
  "storageClass": "local-path",
  "agentTLS": {
    "ca": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURXakNDQWtLZ0F3SUJBZ0lSQU1nOFBhVmJscTMyOEhYSWdHMENFaVF3RFFZSktvWklodmNOQVFFTEJRQXcKTnpFWE1CVUdBMVVFQ2hNT1dtRnlaaUJEYjIxdGRXNXBkSGt4SERBYUJnTlZCQU1URTJOaExuQnlhWFpoZEdVdQplbUZ5Wmk1a1pYWXdIaGNOTWpNd01URTBNVGd4T1RFeldoY05NalF3TVRJME1UZ3hPVEV6V2pBM01SY3dGUVlEClZRUUtFdzVhWVhKbUlFTnZiVzExYm1sMGVURWNNQm9HQTFVRUF4TVRZMkV1Y0hKcGRtRjBaUzU2WVhKbUxtUmwKZGpDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2s4WTZ4TEpWeThmTWl2dzNvZApGZHpobnQrb09ocHNnWGRwL2NBdlVoelZYYXZwb0tyRnpCVENKQzAyNC9WRjY3Z3lselFESnAxV29JaFR3R0FiCjJQd0h6R0x0SzZBMURKY0l6TzUvd3piMkYzTWxIcjFWTEFPMDk4U1JUOUowTE5HOEhHU0puZDdZTTg5SS9rb20KUm80QUhLaUt6WWVBb3VJT1FYQjArWHp1NTMybFlKd3oydVJ0RXRLSzdoY1NMajJMVHJ0M3BkVUJtaXlma08raQpxSHVTRFdLK25DcDNHM2hKdzc0dkY2R1I0SW5SLzR0azBtMGlJRUVhWEpRTk82TUZNYzVFTUlWMUZVSTZDWWM4CnRpaGdPaTVOdmhWd2RLZ0tPRk1iemMzQjhpR2dDMCtjUk9Xak1mTnUyQmJkT3pEaGVQakJJbVZZeXBlTWVUNDAKc0VNQ0F3RUFBYU5oTUY4d0RnWURWUjBQQVFIL0JBUURBZ0tFTUIwR0ExVWRKUVFXTUJRR0NDc0dBUVVGQndNQgpCZ2dyQmdFRkJRY0RBakFQQmdOVkhSTUJBZjhFQlRBREFRSC9NQjBHQTFVZERnUVdCQlRzV05GZTNqT1RhSVhZClMyUFBhWVdqR2poZzN6QU5CZ2txaGtpRzl3MEJBUXNGQUFPQ0FRRUFQMEhCM085cWswZDlvRFR0WU9rMVJLeTIKcHhDWG80cmlqenZzUW9KMjRuOXhUQkhxZ1V4bFFqWnhOWHVuV1RSUXMydnExMDRsL3JmcUgzekhqbkJrVWlUYgpLRitxZzd0ZmRGV1FiTDNDajRXL09QNG9LZCt6SlJ0WWZJZzFTT0IzcjJpVkNTUTRpODRUbjFDdGZxb09WOUxaCnhobXBmaHp5VXk1VjFvOXNpd0Z0bUczcUZubTcwc09xZTdHT09kQ3FUUzAvaTI0ZC9qNU0ramxDTUx2WUtPTFgKelY3NjREZUJlVXlxZ1lzWGZBa1dLYmNVOU5DbnBTRWZmM2QxaEJ0d0RGQnZjUjR5R0V1V1BOYUdiMUxlaXFMdgplU043b2VhYWpMWStFSENDMkNlTFovRitaWlVybDg4aGNBMEVuelJKU0diampXV3V2TGF6cTJkM0Q5VlRzUT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K",
    "cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURjekNDQWx1Z0F3SUJBZ0lSQUlEN0hzMTJxL0g5bGRrVUtpZ3BCUXN3RFFZSktvWklodmNOQVFFTEJRQXcKTnpFWE1CVUdBMVVFQ2hNT1dtRnlaaUJEYjIxdGRXNXBkSGt4SERBYUJnTlZCQU1URTJOaExuQnlhWFpoZEdVdQplbUZ5Wmk1a1pYWXdIaGNOTWpNd01URTBNVGd4T1RFeldoY05NalF3TVRJME1UZ3hPVEV6V2pBMU1SVXdFd1lEClZRUUtFd3hhWVhKbUlFTnNkWE4wWlhJeEhEQWFCZ05WQkFNVEUyRm5aVzUwTFdodmIyc3VlbUZ5Wmk1emRtTXcKZ2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRRGxiSitMZTNRVE5ydzlMSjhPMFFkUwpmSHhWdU41SmYvamNXZ2wzVkd5T2hzQUFLWWEyVlJneTEwbGYyazRJWXlPZ29hRjh3NDB5aTRIUVlqOTV2a0dhCm92cldRSFJGWTl3SGlDWkFZNU5xMFYxN3A3ckdqVEd6bHZ0QVpUY1dmYzJQeDZ6aC9VdkVrRnNvUnZYRGVLMzkKNVUrNVY5aFQ3ZC9uN1VRSEt1cHpmWmVvcElqdUNDQW5ieWdWNXpXSS9XRGU4VEo0bkFkc1JEdzhEWnNNcE02bQovdm1LZERkSG9vclFwYXJPTVV4WlJGRnJFN3QvSkozdnBrZGVuYnRYYlVZSTk5MUJDd2RuS2xydjY3aWhzTW1XCmpZeGNzYTJzdFA2WXpXSFFsOUgreWF6cDkzRytIUkxwYVdrRVBRNndTSVdhYWNhNm8zV1g4NTRiaktCNGJwam4KQWdNQkFBR2pmREI2TUE0R0ExVWREd0VCL3dRRUF3SUZvREFUQmdOVkhTVUVEREFLQmdnckJnRUZCUWNEQVRBTQpCZ05WSFJNQkFmOEVBakFBTUI4R0ExVWRJd1FZTUJhQUZPeFkwVjdlTTVOb2hkaExZODlwaGFNYU9HRGZNQ1FHCkExVWRFUVFkTUJ1Q0UyRm5aVzUwTFdodmIyc3VlbUZ5Wmk1emRtT0hCSDhBQUFFd0RRWUpLb1pJaHZjTkFRRUwKQlFBRGdnRUJBSG9qSVlmVFpHcEtHLzdDUk53WU5ld09CaGs4MVc2eWxHd1QzMnpUWHdzRU16TkVtQW9sNkpRUApLaGQwSG52eDNIRTRuSEpsSTZPNlA5Z0h6SDJpMEpxYkxuVEQ2L0VXaVA5SFlpWGNCRmw5M1FjV2FBc3VSNE4wCjhKK056WStNQXNEdmwzU3UvTjdlbjNqbXdrUW9KekZlZlFVVjR6b0FHUzhReFdCY3VYZDgvMnpYc2JSM3YrNjkKL2tyNlVkT3pjZXZtMVpwS2grNEtSUzEva0dtVC92YTRVYVNMMUNySXlNNFRyUjN6a012b3RJU2JnNm9yVDR6aAorSFlkckxPWlpHODR6dm1VSkNrbElzdXhJaHNmRi9wcEJqdkpaYUZwMVc3UElja1JScEt0R1pYT1h3TjZ1ZHpZCmY2SEdFSjVlTXpsak55V0pkam83K2NTVW53UXkrUVE9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K",
    "key": "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcFFJQkFBS0NBUUVBNVd5ZmkzdDBFemE4UFN5ZkR0RUhVbng4VmJqZVNYLzQzRm9KZDFSc2pvYkFBQ21HCnRsVVlNdGRKWDlwT0NHTWpvS0doZk1PTk1vdUIwR0kvZWI1Qm1xTDYxa0IwUldQY0I0Z21RR09UYXRGZGU2ZTYKeG8weHM1YjdRR1UzRm4zTmo4ZXM0ZjFMeEpCYktFYjF3M2l0L2VWUHVWZllVKzNmNSsxRUJ5cnFjMzJYcUtTSQo3Z2dnSjI4b0ZlYzFpUDFnM3ZFeWVKd0hiRVE4UEEyYkRLVE9wdjc1aW5RM1I2S0swS1dxempGTVdVUlJheE83CmZ5U2Q3NlpIWHAyN1YyMUdDUGZkUVFzSFp5cGE3K3U0b2JESmxvMk1YTEd0ckxUK21NMWgwSmZSL3NtczZmZHgKdmgwUzZXbHBCRDBPc0VpRm1tbkd1cU4xbC9PZUc0eWdlRzZZNXdJREFRQUJBb0lCQUVwNFZOMTR5RGZJWjVmUAoyUjE5R2t4YkhoelJNazVYWE5kaDNucStpN0pENlNUa1ZkYnZqamhLaTRXeW5ldTVDb0tFbEorajlqdzI3bjlPCnROMzJ0T0xXRG1mbmFoWndFS2JkT2RWaXZTSktMWGNLL2VTZlJrZk9OV1kwdEluM2NmYyswRTVXNHZZK0NXanMKaDYvWWgxbkh5bllXSHFFM3NKdGU5OXIvd2pTVUxWRUorZTJPRFNFOFNwbzlJdm5oZk85MHptZllXTUorL2xQVgpGK3IwR011Sk1OSktEakdTd0pUa21KR3lScFZ3WGNJYVYxbXJtQU9pV1BCK1N0R0pLdERwOC9NVmR3YkcvN2s5CmVhNlJHSlp0cXZzU0pHRkM5Z3ZSRldvU2JqZVZsa2ZMS0xjUithVEc4bEtLbmlDNlZrNktCRzBUNmVnYm80UkwKRVd1M05Ca0NnWUVBL3g4c3ZSWUVCVXJPbmp5UnB3RzJrY0M4RWxLaU8zRlFXT1dERXRQRGlaWkpxV3JUdVBEWQpqUXBRc2lkZnhsNUY4RjFIVGlNeHYzOEpKb3Jqa2dERDVqbWxNYS85c2N3aERGa3FpdVJ1UHhEbzBCRkxHOXJ0CjFkUjlaaFpJWVk0ZmpJZVlnK1ZSVmt4Z2Jzb3lCNWZ1UUkyYzBsNEN3cDNILzRlUXVsY1NoYTBDZ1lFQTVqYk4KZXA2bWFXZU9FWFJBWDgvbGV1RmovL01RRUlRWWN4WXdxanJVVE5UbU53bnhiYmw0QUdjRkxocHhmUWZTa3FjTQoveEV1a3RQTFAyNTRWT0UxcWF4OHQvOVFvSnhmTUJkK0I1cGFFK3VhMDV1THZNQ0VYZDBaMmZodWprVzBsZkN1CkZUVVp3Y0ZETDFPNWMvWit5dWZ5MEdRVnNiYWcrdGdFY2xFL1kyTUNnWUVBNCtwQjJacTFkTlRqeVZGcS9idjIKRWpnUXpIMnVHVlNkNXcwREQrckhJVDkyQnpnOGRWZ1UzY3Q5VStzQkVRSmZrT0NFTnpZUjEzWHlBdERKaFVIUgp3UGQyc1BEOHY3NFJPQ3JnYXJ5d0VQOVdQYXQxWWlrdm1Id0FteGNGQ3NJaFJUWk45bWNEUndsc2pRMXRySUw2Cmdna0JOSjV2OE5Wc09zZ3RiNHNpTFBFQ2dZRUF0QmRDL3gyRkNRZmRkNEg5cWZZMGlzQXZQbGFpeG9qUHA1aEEKVWFyYjBZN3EyVHVLQmxBRXRDdmpQWUdxTGlra2JWMEpLYkFEUXhFeitsY3RBeGw2cFZVdDY3SnJISG0zYlNPegpqN2NMcUhHekdMNmh2ZkxNbWJFUlBCYkFSY1A1MVNJR3pNaFJjZVVCN2RBTlQ4NFF1aUpoTE94ZW5EdEdDM1ZaClpTUng5Z2tDZ1lFQW53OUhTMjQ2NVZTRlRudXR2OXUxMlpZMkp0bWwxZE5ZRkIvdForYTkydUxXL1Fkd1Q4YVEKbjNUTkxIa1kwMVlhRnZuVTN2TWZJT1RTbU0zekRHL1hDVll1VWg2MXB3K1lyRFNwRFVraktFMDEyY0l4eXlHZApZR3J3L2dTd0t0SmoxS3BNY01sVllmR1Z3T29XV3RVYWpKbWlxMXNOYlhVSWRPdFdPSmZuN0xBPQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo="
  },
  "gitServer": {
    "pushUsername": "zarf-git-user",
    "pushPassword": "IZuB4QGf6J8Ku2z6N1s8X2VI",
    "pullUsername": "zarf-git-read-user",
    "pullPassword": "ksCvpGrQqmHTh8EMXCve~QfS",
    "address": "http://zarf-gitea-http.zarf.svc.cluster.local:3000",
    "internalServer": true
  },
  "registryInfo": {
    "pushUsername": "zarf-push",
    "pushPassword": "cIjeA8jAAFofS4GLLM!p9CtG",
    "pullUsername": "zarf-pull",
    "pullPassword": "kNxKEXhC4QZnX3HPyWaiRDet",
    "address": "http://127.0.0.1:31999",
    "nodePort": 31999,
    "internalRegistry": true,
    "secret": "M230gy2lwgjEBqgBRpBebsxi6ebLc-peudQibA!T4teGyJx0"
  },
  "loggingSecret": "kORycrZT4NOoD2aQz13J!VK-"
}