openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
3578cab0207c4a985c0790fecd13e7b520fcbef8
openshift-docs/modules/builds-adding-input-secrets-configmaps.adoc

124 lines
3.6 KiB
Plaintext
Raw Blame History

:_mod-docs-content-type: PROCEDURE
[id="builds-adding-input-secrets-configmaps_{context}"]
= Adding input secrets and config maps
To provide credentials and other configuration data to a build without placing them in source control, you can define input secrets and input config maps.
In some scenarios, build operations require credentials or other configuration data to access dependent resources. To make that information available without placing it in source control, you can define input secrets and input config maps.
.Procedure
To add an input secret, config maps, or both to an existing `BuildConfig` object:
. If the `ConfigMap` object does not exist, create it by entering the following command:
+
[source,terminal]
----
$ oc create configmap settings-mvn \
--from-file=settings.xml=<path/to/settings.xml>
----
+
This creates a new config map named `settings-mvn`, which contains the plain text content of the `settings.xml` file.
+
[TIP]
====
You can alternatively apply the following YAML to create the config map:
[source,yaml]
----
apiVersion: core/v1
kind: ConfigMap
metadata:
name: settings-mvn
data:
settings.xml: |
<settings>
… # Insert maven settings here
</settings>
----
====
. If the `Secret` object does not exist, create it by entering the following command:
+
[source,terminal]
----
$ oc create secret generic secret-mvn \
--from-file=ssh-privatekey=<path/to/.ssh/id_rsa> \
--type=kubernetes.io/ssh-auth
----
+
This creates a new secret named `secret-mvn`, which contains the base64 encoded content of the `id_rsa` private key.
+
[TIP]
====
You can alternatively apply the following YAML to create the input secret:
[source,yaml]
----
apiVersion: core/v1
kind: Secret
metadata:
name: secret-mvn
type: kubernetes.io/ssh-auth
data:
ssh-privatekey: |
# Insert ssh private key, base64 encoded
----
====
. Add the config map and secret to the `source` section in the existing
`BuildConfig` object:
+
[source,yaml]
----
source:
git:
uri: https://github.com/wildfly/quickstart.git
contextDir: helloworld
configMaps:
- configMap:
name: settings-mvn
secrets:
- secret:
name: secret-mvn
----
. To include the secret and config map in a new `BuildConfig` object, enter the following command:
+
[source,terminal]
----
$ oc new-build \
openshift/wildfly-101-centos7~https://github.com/wildfly/quickstart.git \
--context-dir helloworld --build-secret “secret-mvn” \
--build-config-map "settings-mvn"
----
+
During the build, the build process copies the `settings.xml` and `id_rsa` files into the directory where the source code is located. In {product-title} S2I builder images, this is the image working directory, which is set using the `WORKDIR` instruction in the `Dockerfile`. If you want to specify another directory, add a `destinationDir` to the definition:
+
[source,yaml]
----
source:
git:
uri: https://github.com/wildfly/quickstart.git
contextDir: helloworld
configMaps:
- configMap:
name: settings-mvn
destinationDir: ".m2"
secrets:
- secret:
name: secret-mvn
destinationDir: ".ssh"
----
+
You can also specify the destination directory when creating a new `BuildConfig` object by entering the following command:
+
[source,terminal]
----
$ oc new-build \
openshift/wildfly-101-centos7~https://github.com/wildfly/quickstart.git \
--context-dir helloworld --build-secret “secret-mvn:.ssh” \
--build-config-map "settings-mvn:.m2"
----
+
In both cases, the `settings.xml` file is added to the `./.m2` directory of the build environment, and the `id_rsa` key is added to the `./.ssh` directory.
View Git Blame Copy Permalink