Skip to content

zarf tools update-creds

zarf tools update-creds

Updates the credentials for deployed Zarf services. Pass a service key to update credentials for a single service

Synopsis

Updates the credentials for deployed Zarf services. Pass a service key to update credentials for a single service. i.e. ‘zarf tools update-creds registry’

zarf tools update-creds [flags]

Examples

# Autogenerate all Zarf credentials at once:
$ zarf tools update-creds
# Autogenerate specific Zarf service credentials:
$ zarf tools update-creds registry
$ zarf tools update-creds git
$ zarf tools update-creds artifact
$ zarf tools update-creds agent
# Update all Zarf credentials w/external services at once:
$ zarf tools update-creds \
--registry-push-username={USERNAME} --registry-push-password={PASSWORD} \
--git-push-username={USERNAME} --git-push-password={PASSWORD} \
--artifact-push-username={USERNAME} --artifact-push-token={PASSWORD}
# NOTE: Any credentials omitted from flags without a service key specified will be autogenerated - URLs will only change if specified.
# Config options can also be set with the 'init' section of a Zarf config file.
# Update specific Zarf credentials w/external services:
$ zarf tools update-creds registry --registry-push-username={USERNAME} --registry-push-password={PASSWORD}
$ zarf tools update-creds git --git-push-username={USERNAME} --git-push-password={PASSWORD}
$ zarf tools update-creds artifact --artifact-push-username={USERNAME} --artifact-push-token={PASSWORD}
# NOTE: Not specifying a pull username/password will keep the previous pull username/password.

Options

--artifact-push-token string [alpha] API Token for the push-user to access the artifact registry
--artifact-push-username string [alpha] Username to access to the artifact registry Zarf is configured to use. User must be able to upload package artifacts.
--artifact-url string [alpha] External artifact registry url to use for this Zarf cluster
--confirm Confirm updating credentials without prompting
--git-pull-password string Password for the pull-only user to access the git server
--git-pull-username string Username for pull-only access to the git server
--git-push-password string Password for the push-user to access the git server
--git-push-username string Username to access to the git server Zarf is configured to use. User must be able to create repositories via 'git push'
--git-url string External git server url to use for this Zarf cluster
-h, --help help for update-creds
--registry-pull-password string Password for the pull-only user to access the registry
--registry-pull-username string Username for pull-only access to the registry
--registry-push-password string Password for the push-user to connect to the registry
--registry-push-username string Username to access to the registry Zarf is configured to use
--registry-url string External registry url address to use for this Zarf cluster

Options inherited from parent commands

-a, --architecture string Architecture for OCI images and Zarf packages
--insecure-skip-tls-verify Skip checking server's certificate for validity. This flag should only be used if you have a specific reason and accept the reduced security posture.
--log-format string [beta] Select a logging format. Defaults to 'console'. Valid options are: 'console', 'json', 'dev'
-l, --log-level string Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
--no-color Disable colors in output
--no-log-file Disable log file creation
--no-progress Disable fancy UI progress bars, spinners, logos, etc
--plain-http Force the connections over HTTP instead of HTTPS. This flag should only be used if you have a specific reason and accept the reduced security posture.
--tmpdir string Specify the temporary directory to use for intermediate files
--zarf-cache string Specify the location of the Zarf cache directory (default "~/.zarf-cache")

SEE ALSO

  • zarf tools - Collection of additional tools to make airgap easier