Uploaded image for project: 'OpenShift GitOps'
  1. OpenShift GitOps
  2. GITOPS-5053

Create secrets for konflux

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • None
    • None
    • None
    • 5
    • GitOps Crimson - Sprint 3261, GitOps Crimson - Sprint 3262, GitOps Crimson - Sprint 3263

      Story (Required)

      As a user of gitops with konflux, I want konflux to use the secrets provided by me to build everything correctly. 

      Background (Required)
      From the konflux documentation on secrets

      Secrets can be categorized depending on when they need to be added.

      1. Before a component is added. If a secret is needed to access the source control platform like GitLab, you must create a secret before you create the component.
      1. Before a build succeeds. Some artifact build tasks need specific secrets to be able to pull all of the content to include in the final artifact. For example, you can add secrets for container registries after you create the component but they must be provided before a successful build can occur.
      1. After a component has been onboarded. These secrets are often used in tasks. The tasks included in the {Konflux} pipelines will not fail if a secret is not created properly. Instead, the task will just not run the code like with snyk.

       

      We will need to add registry pull secrets and source code pull secrets to our components, and possibly task input secrets (depending on what tasks we decide to customize in our build pipeline). 
       

      Out of scope

      • Adding applications/components
      • Adding customizations to build pipeline

      Approach (Required)

      Follow the konflux documentation on secrets 

      Dependencies

      Depends on what applications/components we have, where they live, and what needs secrets to be pulled from. 
      Will also depend on if we have secrets that we need to provide for container registries like quay.io or registry.redhat.io 

      Acceptance Criteria (Mandatory)

      Dependencies identified

      Blockers noted and expected delivery timelines set

      Design is implementable

      Acceptance criteria agreed upon

      Story estimated

      Legend

      Unknown

      Verified

      Unsatisfied

      Done Checklist

      • Code is completed, reviewed, documented and checked in
      • Unit and integration test automation have been delivered and running cleanly in continuous integration/staging/canary environment
      • Continuous Delivery pipeline(s) is able to proceed with new code included
      • Customer facing documentation, API docs etc. are produced/updated, reviewed and published
      • Acceptance criteria are met

              aveerama@redhat.com Abhishek Veeramalla (Inactive)
              rescott1 Regina Scott (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: