Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

operator extensible pipeline credentials (-creds-image) #989

Closed
objectiveous opened this issue Jun 18, 2019 · 7 comments
Closed

operator extensible pipeline credentials (-creds-image) #989

objectiveous opened this issue Jun 18, 2019 · 7 comments
Labels
help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. kind/design Categorizes issue or PR as related to design. kind/feature Categorizes issue or PR as related to a new feature. lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale.

Comments

@objectiveous
Copy link

Background

Tekton currently has support for the provisioning of Build Tooling Configuration. For example, we have support for docker config (/builder/home/.docker/config.json) and git credentials (/builder/home/.ssh, /builder/home/..git-credentials, etc) but the provisioning mechanism is not extensible to Tekton operators (the human kind, not controllers).

By way of example, consider the use of gradle with an onprem artifact repository that requires credentials. In this scenario, gradle requires the existence of /builder/home/.gradle/gradle.properties:

artifactory_user=$USER
artifactory_password=$TOKEN
artifactory_contextUrl=https://artifacts.corp.com

Enhancement Request

Please consider making the provisioning of tooling configuration an extension point of tekton.

Proposed Design

TBD
@vdemeester
Copy link
Member

This is also a bit related to #238 as it would be nice to have a extensiblitiy mecanisms for initializer too

/kind feature
/kind design

@tekton-robot tekton-robot added kind/feature Categorizes issue or PR as related to a new feature. kind/design Categorizes issue or PR as related to design. labels Jun 18, 2019
@bobcatfish bobcatfish added the help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. label Jan 17, 2020
@bobcatfish bobcatfish modified the milestones: Pipelines 1.0/beta 🐱, Pipelines 1.1 / Post-beta 🐱 Mar 16, 2020
@afrittoli afrittoli removed this from the Pipelines Post-beta 🐱 milestone May 4, 2020
@ghost
Copy link

ghost commented May 4, 2020

This issue relates to, and is perhaps superceded by, #2343 which is a more recent proposal for making credentials a declarable part of a Task's description.

@jlpettersson
Copy link
Member

This can be done as by mounting the secret in a projected volume

Create a secret from your gradle.properties

kubectl create secret generic gradle-secret --from-file=gradle.properties

A "dummy-task", as an example how to access the gradle.properties file in a Task

apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: gradle-dummy-task
spec:
  steps:
  - name: print-gradle-secret
    image: ubuntu
    script: cat /builder/home/.gradle/gradle.properties
    volumeMounts:
    - mountPath: /builder/home/.gradle
      name: gradle-properties
  volumes:
  - name: gradle-properties
    projected:
      sources:
      - secret:
          name: gradle-secret
          items:
          - key: gradle.properties
            path: gradle.properties

This was referenced May 7, 2020
Closed
Closed
@tekton-robot
Copy link
Collaborator

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
If this issue is safe to close now please do so with /close.

/lifecycle rotten

Send feedback to tektoncd/plumbing.

@tekton-robot
Copy link
Collaborator

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.

/lifecycle stale

Send feedback to tektoncd/plumbing.

@tekton-robot tekton-robot added the lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. label Aug 14, 2020
@tekton-robot
Copy link
Collaborator

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.

/close

Send feedback to tektoncd/plumbing.

@tekton-robot tekton-robot added lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. and removed lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. labels Aug 14, 2020
@tekton-robot
Copy link
Collaborator

@tekton-robot: Closing this issue.

In response to this:

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.

/close

Send feedback to tektoncd/plumbing.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. kind/design Categorizes issue or PR as related to design. kind/feature Categorizes issue or PR as related to a new feature. lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@vdemeester @objectiveous @bobcatfish @jlpettersson @afrittoli @tekton-robot