Skip to content

Latest commit

 

History

History
100 lines (85 loc) · 2.85 KB

builds-adding-input-secrets-configmaps.adoc

File metadata and controls

100 lines (85 loc) · 2.85 KB

Adding input secrets and ConfigMaps

In some scenarios, build operations require credentials or other configuration data to access dependent resources, but it is undesirable for that information to be placed in source control. You can define input secrets and input ConfigMaps for this purpose.

Procedure

To add an input secret and/or ConfigMap to an existing BuildConfig:

  1. Create the ConfigMap, if it does not exist:

    $ oc create configmap settings-mvn \
    --from-file=settings.xml=<path/to/settings.xml>

    This creates a new ConfigMap named settings-mvn, which contains the plain text content of the settings.xml file.

  2. Create the secret, if it does not exist:

    $ oc create secret generic secret-mvn \
    --from-file=id_rsa=<path/to/.ssh/id_rsa>

    This creates a new secret named secret-mvn, which contains the base64 encoded content of the id_rsa private key.

  3. Add the ConfigMap and secret to the source section in the existing BuildConfig:

    source:
  git:
    uri: https://github.com/wildfly/quickstart.git
  contextDir: helloworld
  configMaps:
    - configMap:
        name: settings-mvn
  secrets:
    - secret:
        name: secret-mvn

To include the secret and ConfigMap in a new BuildConfig, run the following command:

$ oc new-build \
    openshift/wildfly-101-centos7~https://github.com/wildfly/quickstart.git \
    --context-dir helloworld --build-secret “secret-mvn” \
    --build-config-map "settings-mvn"

During the build, the settings.xml and id_rsa files are copied into the directory where the source code is located. In {product-title} S2I builder images, this is the image working directory, which is set using the WORKDIR instruction in the Dockerfile. If you want to specify another directory, add a destinationDir to the definition:

source:
  git:
    uri: https://github.com/wildfly/quickstart.git
  contextDir: helloworld
  configMaps:
    - configMap:
        name: settings-mvn
      destinationDir: ".m2"
  secrets:
    - secret:
        name: secret-mvn
      destinationDir: ".ssh"

You can also specify the destination directory when creating a new BuildConfig:

$ oc new-build \
    openshift/wildfly-101-centos7~https://github.com/wildfly/quickstart.git \
    --context-dir helloworld --build-secret “secret-mvn:.ssh” \
    --build-config-map "settings-mvn:.m2"

In both cases, the settings.xml file is added to the ./.m2 directory of the build environment, and the id_rsa key is added to the ./.ssh directory.