openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
ce0490bd9101aa434c489f63972314aa1ea76b45
openshift-docs/modules/builds-gitconfig-file-secured-git.adoc

65 lines
2.1 KiB
Plaintext
Raw Blame History

// Module included in the following assemblies:
//
// * builds/creating-build-inputs.adoc
:_mod-docs-content-type: PROCEDURE
[id="builds-gitconfig-file-secured-git_{context}"]
= Creating a secret from a .gitconfig file for secured Git
If your Git server is secured with two-way SSL and user name with password, you must add the certificate files to your source build and add references to the certificate files in the `.gitconfig` file.
.Prerequisites
* You must have Git credentials.
.Procedure
Add the certificate files to your source build and add references to the certificate files in the `.gitconfig` file.
. Add the `client.crt`, `cacert.crt`, and `client.key` files to the `/var/run/secrets/openshift.io/source/` folder in the application source code.
. In the `.gitconfig` file for the server, add the `[http]` section shown in the following example:
+
[source,terminal]
----
# cat .gitconfig
----
+
.Example output
[source,terminal]
----
[user]
name = <name>
email = <email>
[http]
sslVerify = false
sslCert = /var/run/secrets/openshift.io/source/client.crt
sslKey = /var/run/secrets/openshift.io/source/client.key
sslCaInfo = /var/run/secrets/openshift.io/source/cacert.crt
----
. Create the secret:
+
[source,terminal]
----
$ oc create secret generic <secret_name> \
--from-literal=username=<user_name> \// <1>
--from-literal=password=<password> \// <2>
--from-file=.gitconfig=.gitconfig \
--from-file=client.crt=/var/run/secrets/openshift.io/source/client.crt \
--from-file=cacert.crt=/var/run/secrets/openshift.io/source/cacert.crt \
--from-file=client.key=/var/run/secrets/openshift.io/source/client.key
----
<1> The user's Git user name.
<2> The password for this user.
[IMPORTANT]
====
To avoid having to enter your password again, be sure to specify the source-to-image (S2I) image in your builds. However, if you cannot clone the repository, you must still specify your user name and password to promote the build.
====
[role="_additional-resources"]
.Additional resources
* `/var/run/secrets/openshift.io/source/` folder in the application source code.
View Git Blame Copy Permalink