openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
1d4906ce3d77947a5b8dcaa6b482dac5427bc62c
openshift-docs/modules/builds-gitconfig-file-secured-git.adoc
Kathryn Alexander 1d4906ce3d no to 'need to'
2019-04-16 09:14:21 -04:00

69 lines
2.1 KiB
Plaintext
Raw Blame History

// Module included in the following assemblies:
//
// <List assemblies here, each on a new line>
//* assembly/builds
// This module can be included from assemblies using the following include statement:
// include::<path>/builds-gitconfig-file-secured-git.adoc[leveloffset=+1]
[id="source-secrets-gitconfig-file-for-secured-git-{context}"]
= Creating a secret from a .gitconfig file for secured Git
If your Git server is secured with two-way SSL and user name with password,
you must add the certificate files to your source build and add references to
the certificate files in the *_.gitconfig_* file.
.Prerequisites
* Git credentials
.Procedure
Add the certificate files to your source build and add references to
the certificate files in the *_.gitconfig_* file.
. Add the *_client.crt_*, *_cacert.crt_*, and *_client.key_* files to the
*_/var/run/secrets/openshift.io/source/_* folder in the application
source code.
. In the *_.gitconfig_* file for the server, add the `[http]` section
shown in the following example:
+
----
# cat .gitconfig
[user]
name = <name>
email = <email>
[http]
sslVerify = false
sslCert = /var/run/secrets/openshift.io/source/client.crt
sslKey = /var/run/secrets/openshift.io/source/client.key
sslCaInfo = /var/run/secrets/openshift.io/source/cacert.crt
----
. Create the secret:
+
----
$ oc create secret generic <secret_name> \
--from-literal=username=<user_name> \ <1>
--from-literal=password=<password> \ <2>
--from-file=.gitconfig=.gitconfig \
--from-file=client.crt=/var/run/secrets/openshift.io/source/client.crt \
--from-file=cacert.crt=/var/run/secrets/openshift.io/source/cacert.crt \
--from-file=client.key=/var/run/secrets/openshift.io/source/client.key
----
<1> The user's Git user name.
<2> The password for this user.
[IMPORTANT]
====
To avoid having to enter your password again, be sure to specify the S2I image in
your builds. However, if you cannot clone the repository, you still must
specify your user name and password to promote the build.
====
.Additional resources
* *_/var/run/secrets/openshift.io/source/_* folder in the application
source code.
View Git Blame Copy Permalink