mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 21:46:22 +01:00
122 lines
2.5 KiB
Plaintext
122 lines
2.5 KiB
Plaintext
// Module included in the following assemblies:
|
|
// * builds/creating-build-inputs.adoc
|
|
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="builds-using-secrets_{context}"]
|
|
= Using secrets
|
|
|
|
After creating secrets, you can create a pod to reference your secret, get logs, and delete the pod.
|
|
|
|
.Procedure
|
|
|
|
. Create the pod to reference your secret:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc create -f <your_yaml_file>.yaml
|
|
----
|
|
|
|
. Get the logs:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc logs secret-example-pod
|
|
----
|
|
|
|
. Delete the pod:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc delete pod secret-example-pod
|
|
----
|
|
|
|
[role="_additional-resources"]
|
|
.Additional resources
|
|
|
|
* Example YAML files with secret data:
|
|
+
|
|
.YAML Secret That Will Create Four Files
|
|
[source,yaml]
|
|
----
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: test-secret
|
|
data:
|
|
username: <username> <1>
|
|
password: <password> <2>
|
|
stringData:
|
|
hostname: myapp.mydomain.com <3>
|
|
secret.properties: |- <4>
|
|
property1=valueA
|
|
property2=valueB
|
|
----
|
|
<1> File contains decoded values.
|
|
<2> File contains decoded values.
|
|
<3> File contains the provided string.
|
|
<4> File contains the provided data.
|
|
+
|
|
.YAML of a pod populating files in a volume with secret data
|
|
[source,yaml]
|
|
----
|
|
apiVersion: v1
|
|
kind: Pod
|
|
metadata:
|
|
name: secret-example-pod
|
|
spec:
|
|
containers:
|
|
- name: secret-test-container
|
|
image: busybox
|
|
command: [ "/bin/sh", "-c", "cat /etc/secret-volume/*" ]
|
|
volumeMounts:
|
|
# name must match the volume name below
|
|
- name: secret-volume
|
|
mountPath: /etc/secret-volume
|
|
readOnly: true
|
|
volumes:
|
|
- name: secret-volume
|
|
secret:
|
|
secretName: test-secret
|
|
restartPolicy: Never
|
|
----
|
|
+
|
|
.YAML of a pod populating environment variables with secret data
|
|
[source,yaml]
|
|
----
|
|
apiVersion: v1
|
|
kind: Pod
|
|
metadata:
|
|
name: secret-example-pod
|
|
spec:
|
|
containers:
|
|
- name: secret-test-container
|
|
image: busybox
|
|
command: [ "/bin/sh", "-c", "export" ]
|
|
env:
|
|
- name: TEST_SECRET_USERNAME_ENV_VAR
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: test-secret
|
|
key: username
|
|
restartPolicy: Never
|
|
----
|
|
+
|
|
.YAML of a Build Config Populating Environment Variables with Secret Data
|
|
[source,yaml]
|
|
----
|
|
apiVersion: build.openshift.io/v1
|
|
kind: BuildConfig
|
|
metadata:
|
|
name: secret-example-bc
|
|
spec:
|
|
strategy:
|
|
sourceStrategy:
|
|
env:
|
|
- name: TEST_SECRET_USERNAME_ENV_VAR
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: test-secret
|
|
key: username
|
|
----
|