openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
b77bdd24f8fa2b9f7cd7f23904adc2875eb3ed3d
openshift-docs/modules/builds-adding-input-secrets-configmaps.adoc
Kathryn Alexander 90d985a0bb [enterprise-4.14] changing content type attribute
2023-10-30 10:13:25 -04:00

124 lines
3.5 KiB
Plaintext
Raw Blame History

:_mod-docs-content-type: PROCEDURE
[id="builds-adding-input-secrets-configmaps_{context}"]
= Adding input secrets and config maps
To provide credentials and other configuration data to a build without placing them in source control, you can define input secrets and input config maps.
In some scenarios, build operations require credentials or other configuration data to access dependent resources. To make that information available without placing it in source control, you can define input secrets and input config maps.
.Procedure
To add an input secret, config maps, or both to an existing `BuildConfig` object:
. Create the `ConfigMap` object, if it does not exist:
+
[source,terminal]
----
$ oc create configmap settings-mvn \
--from-file=settings.xml=<path/to/settings.xml>
----
+
This creates a new config map named `settings-mvn`, which contains the plain text content of the `settings.xml` file.
+
[TIP]
====
You can alternatively apply the following YAML to create the config map:
[source,yaml]
----
apiVersion: core/v1
kind: ConfigMap
metadata:
name: settings-mvn
data:
settings.xml: |
<settings>
… # Insert maven settings here
</settings>
----
====
. Create the `Secret` object, if it does not exist:
+
[source,terminal]
----
$ oc create secret generic secret-mvn \
--from-file=ssh-privatekey=<path/to/.ssh/id_rsa>
--type=kubernetes.io/ssh-auth
----
+
This creates a new secret named `secret-mvn`, which contains the base64 encoded content of the `id_rsa` private key.
+
[TIP]
====
You can alternatively apply the following YAML to create the input secret:
[source,yaml]
----
apiVersion: core/v1
kind: Secret
metadata:
name: secret-mvn
type: kubernetes.io/ssh-auth
data:
ssh-privatekey: |
# Insert ssh private key, base64 encoded
----
====
. Add the config map and secret to the `source` section in the existing
`BuildConfig` object:
+
[source,yaml]
----
source:
git:
uri: https://github.com/wildfly/quickstart.git
contextDir: helloworld
configMaps:
- configMap:
name: settings-mvn
secrets:
- secret:
name: secret-mvn
----
To include the secret and config map in a new `BuildConfig` object, run the following command:
[source,terminal]
----
$ oc new-build \
openshift/wildfly-101-centos7~https://github.com/wildfly/quickstart.git \
--context-dir helloworld --build-secret “secret-mvn” \
--build-config-map "settings-mvn"
----
During the build, the `settings.xml` and `id_rsa` files are copied into the directory where the source code is located. In {product-title} S2I builder images, this is the image working directory, which is set using the `WORKDIR` instruction in the `Dockerfile`. If you want to specify another directory, add a `destinationDir` to the definition:
[source,yaml]
----
source:
git:
uri: https://github.com/wildfly/quickstart.git
contextDir: helloworld
configMaps:
- configMap:
name: settings-mvn
destinationDir: ".m2"
secrets:
- secret:
name: secret-mvn
destinationDir: ".ssh"
----
You can also specify the destination directory when creating a new `BuildConfig` object:
[source,terminal]
----
$ oc new-build \
openshift/wildfly-101-centos7~https://github.com/wildfly/quickstart.git \
--context-dir helloworld --build-secret “secret-mvn:.ssh” \
--build-config-map "settings-mvn:.m2"
----
In both cases, the `settings.xml` file is added to the `./.m2` directory of the build environment, and the `id_rsa` key is added to the `./.ssh` directory.
View Git Blame Copy Permalink