In some scenarios, build operations require credentials or other configuration data to access dependent resources, but it is undesirable for that information to be placed in source control. You can define input secrets and input ConfigMaps for this purpose.
To add an input secret and/or ConfigMap to an existing BuildConfig
:
-
Create the ConfigMap, if it does not exist:
$ oc create configmap settings-mvn \ --from-file=settings.xml=<path/to/settings.xml>
This creates a new ConfigMap named settings-mvn, which contains the plain text content of the settings.xml file.
-
Create the secret, if it does not exist:
$ oc create secret generic secret-mvn \ --from-file=id_rsa=<path/to/.ssh/id_rsa>
This creates a new secret named secret-mvn, which contains the base64 encoded content of the id_rsa private key.
-
Add the ConfigMap and secret to the
source
section in the existingBuildConfig
:source: git: uri: https://github.com/wildfly/quickstart.git contextDir: helloworld configMaps: - configMap: name: settings-mvn secrets: - secret: name: secret-mvn
To include the secret and ConfigMap in a new BuildConfig
, run the following
command:
$ oc new-build \ openshift/wildfly-101-centos7~https://github.com/wildfly/quickstart.git \ --context-dir helloworld --build-secret “secret-mvn” \ --build-config-map "settings-mvn"
During the build, the settings.xml and id_rsa files are copied into the
directory where the source code is located. In {product-title} S2I builder
images, this is the image working directory, which is set using the WORKDIR
instruction in the Dockerfile. If you want to specify another directory,
add a destinationDir
to the definition:
source:
git:
uri: https://github.com/wildfly/quickstart.git
contextDir: helloworld
configMaps:
- configMap:
name: settings-mvn
destinationDir: ".m2"
secrets:
- secret:
name: secret-mvn
destinationDir: ".ssh"
You can also specify the destination directory when creating a new
BuildConfig
:
$ oc new-build \ openshift/wildfly-101-centos7~https://github.com/wildfly/quickstart.git \ --context-dir helloworld --build-secret “secret-mvn:.ssh” \ --build-config-map "settings-mvn:.m2"
In both cases, the settings.xml file is added to the ./.m2 directory of the build environment, and the id_rsa key is added to the ./.ssh directory.