Uploaded image for project: 'OpenShift Builds'
  1. OpenShift Builds
  2. BUILD-78

SPIKE - R&D Secret Volume Mounts

XMLWordPrintable

    • Sprint 200, Sprint 201

      Spike

      Builds need a generalizable way for content to be injected into builds in such a way that they are not present in any layer within the image.
      In OpenShift 3.x we had a means of secretly mounting RHEL entitlements on the node in such a way that they could be consumed by RHEL-based containers. Regular build secrets did not do this - secret content was copied in, then truncated/deleted in a separate step.

      Potential use cases:

      1. Inject RHEL entitlements
      2. Credentials for Maven/Nexus repos

      Questions to address:

      1. Should this behavior be applied to all build secrets?

      Acceptance Criteria

      1. Enhancement proposal with an implementable execution plan. https://github.com/openshift/enhancements/pull/733
      2. JIRA story/stories for a future release.

      Notes

            adkaplan@redhat.com Adam Kaplan
            adkaplan@redhat.com Adam Kaplan
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: