mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-06 06:46:26 +01:00
111 lines
3.3 KiB
Plaintext
111 lines
3.3 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * openshift_images/using-templates.adoc
|
|
|
|
[id="templates-exposing-object-fields_{context}"]
|
|
= Exposing template object fields
|
|
|
|
Template authors can indicate that fields of particular objects in a template
|
|
should be exposed. The {tsb-name} recognizes exposed fields on
|
|
`ConfigMap`, `Secret`, `Service`, and `Route` objects, and returns the values of the
|
|
exposed fields when a user binds a service backed by the broker.
|
|
|
|
To expose one or more fields of an object, add annotations prefixed by
|
|
`template.openshift.io/expose-` or `template.openshift.io/base64-expose-` to
|
|
the object in the template.
|
|
|
|
Each annotation key, with its prefix removed, is passed through to become a key
|
|
in a `bind` response.
|
|
|
|
Each annotation value is a Kubernetes JSONPath expression, which is resolved at
|
|
bind time to indicate the object field whose value should be returned in the
|
|
`bind` response.
|
|
|
|
[NOTE]
|
|
====
|
|
`Bind` response key/value pairs can be used in other parts of the system as
|
|
environment variables. Therefore, it is recommended that every annotation key
|
|
with its prefix removed should be a valid environment variable name --
|
|
beginning with a character `A-Z`, `a-z`, or `pass:[_]`, and being followed by zero or
|
|
more characters `A-Z`, `a-z`, `0-9`, or `pass:[_]`.
|
|
====
|
|
|
|
[NOTE]
|
|
====
|
|
Unless escaped with a backslash, Kubernetes' JSONPath implementation interprets
|
|
characters such as `.`, `@`, and others as metacharacters, regardless of their
|
|
position in the expression. Therefore, for example, to refer to a `ConfigMap`
|
|
datum named `my.key`, the required JSONPath expression would be
|
|
`{.data['my\.key']}`. Depending on how the JSONPath expression is then written in YAML,
|
|
an additional backslash might be required, for example `"{.data['my\\.key']}"`.
|
|
====
|
|
|
|
The following is an example of different objects' fields being exposed:
|
|
|
|
[source,yaml]
|
|
----
|
|
kind: Template
|
|
apiVersion: v1
|
|
metadata:
|
|
name: my-template
|
|
objects:
|
|
- kind: ConfigMap
|
|
apiVersion: v1
|
|
metadata:
|
|
name: my-template-config
|
|
annotations:
|
|
template.openshift.io/expose-username: "{.data['my\\.username']}"
|
|
data:
|
|
my.username: foo
|
|
- kind: Secret
|
|
apiVersion: v1
|
|
metadata:
|
|
name: my-template-config-secret
|
|
annotations:
|
|
template.openshift.io/base64-expose-password: "{.data['password']}"
|
|
stringData:
|
|
password: bar
|
|
- kind: Service
|
|
apiVersion: v1
|
|
metadata:
|
|
name: my-template-service
|
|
annotations:
|
|
template.openshift.io/expose-service_ip_port: "{.spec.clusterIP}:{.spec.ports[?(.name==\"web\")].port}"
|
|
spec:
|
|
ports:
|
|
- name: "web"
|
|
port: 8080
|
|
- kind: Route
|
|
apiVersion: v1
|
|
metadata:
|
|
name: my-template-route
|
|
annotations:
|
|
template.openshift.io/expose-uri: "http://{.spec.host}{.spec.path}"
|
|
spec:
|
|
path: mypath
|
|
----
|
|
|
|
An example response to a `bind` operation given the above partial template
|
|
follows:
|
|
|
|
[source,json]
|
|
----
|
|
{
|
|
"credentials": {
|
|
"username": "foo",
|
|
"password": "YmFy",
|
|
"service_ip_port": "172.30.12.34:8080",
|
|
"uri": "http://route-test.router.default.svc.cluster.local/mypath"
|
|
}
|
|
}
|
|
----
|
|
|
|
.Procedure
|
|
|
|
* Use the `template.openshift.io/expose-` annotation to return the field value as
|
|
a string. This is convenient, although it does not handle arbitrary binary data.
|
|
|
|
* If you want to return binary data, use the
|
|
`template.openshift.io/base64-expose-` annotation instead to base64 encode the
|
|
data before it is returned.
|