(Vault) add vaultSecretFile References (#2314)

* add vaultSecretFile References * add vaultRef to protecode Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2024-12-12 10:55:20 +02:00 · 2020-11-06 18:06:19 +01:00 · 2020-11-06 18:06:19 +01:00 · 0f48a229d2
commit 0f48a229d2
parent 9d461c6753
6 changed files with 33 additions and 0 deletions
--- a/cmd/kanikoExecute_generated.go
+++ b/cmd/kanikoExecute_generated.go
@ -222,6 +222,12 @@ func kanikoExecuteMetadata() config.StepData {
 								Name: "dockerConfigJsonCredentialsId",
 								Type: "secret",
 							},
+
+							{
+								Name:  "",
+								Paths: []string{"$(vaultPath)/docker-config", "$(vaultBasePath)/$(vaultPipelineName)/docker-config", "$(vaultBasePath)/GROUP-SECRETS/docker-config"},
+								Type:  "vaultSecretFile",
+							},
 						},
 						Scope:     []string{"PARAMETERS", "STAGES", "STEPS"},
 						Type:      "string",
--- a/cmd/kubernetesDeploy_generated.go
+++ b/cmd/kubernetesDeploy_generated.go
@ -301,6 +301,12 @@ func kubernetesDeployMetadata() config.StepData {
 								Name: "kubeConfigFileCredentialsId",
 								Type: "secret",
 							},
+
+							{
+								Name:  "",
+								Paths: []string{"$(vaultPath)/kube-config", "$(vaultBasePath)/$(vaultPipelineName)/kube-config", "$(vaultBasePath)/GROUP-SECRETS/kube-config"},
+								Type:  "vaultSecretFile",
+							},
 						},
 						Scope:     []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
 						Type:      "string",
--- a/cmd/protecodeExecuteScan_generated.go
+++ b/cmd/protecodeExecuteScan_generated.go
@ -228,6 +228,12 @@ func protecodeExecuteScanMetadata() config.StepData {
 								Name: "dockerConfigJsonCredentialsId",
 								Type: "secret",
 							},
+
+							{
+								Name:  "",
+								Paths: []string{"$(vaultPath)/docker-config", "$(vaultBasePath)/$(vaultPipelineName)/docker-config", "$(vaultBasePath)/GROUP-SECRETS/docker-config"},
+								Type:  "vaultSecretFile",
+							},
 						},
 						Scope:     []string{"PARAMETERS", "STAGES", "STEPS"},
 						Type:      "string",
--- a/resources/metadata/kaniko.yaml
+++ b/resources/metadata/kaniko.yaml
@ -97,6 +97,11 @@ spec:
        resourceRef:
          - name: dockerConfigJsonCredentialsId
            type: secret
+          - type: vaultSecretFile
+            paths:
+              - $(vaultPath)/docker-config
+              - $(vaultBasePath)/$(vaultPipelineName)/docker-config
+              - $(vaultBasePath)/GROUP-SECRETS/docker-config
      - name: dockerfilePath
        aliases:
          - name: dockerfile
--- a/resources/metadata/kubernetesdeploy.yaml
+++ b/resources/metadata/kubernetesdeploy.yaml
@ -225,6 +225,11 @@ spec:
        resourceRef:
          - name: kubeConfigFileCredentialsId
            type: secret
+          - type: vaultSecretFile
+            paths:
+            - $(vaultPath)/kube-config
+            - $(vaultBasePath)/$(vaultPipelineName)/kube-config
+            - $(vaultBasePath)/GROUP-SECRETS/kube-config
      - name: kubeContext
        type: string
        description: Defines the context to use from the \"kubeconfig\" file.
--- a/resources/metadata/protecode.yaml
+++ b/resources/metadata/protecode.yaml
@ -74,6 +74,11 @@ spec:
        resourceRef:
          - name: dockerConfigJsonCredentialsId
            type: secret
+          - type: vaultSecretFile
+            paths:
+              - $(vaultPath)/docker-config
+              - $(vaultBasePath)/$(vaultPipelineName)/docker-config
+              - $(vaultBasePath)/GROUP-SECRETS/docker-config
      - name: cleanupMode
        type: string
        description: Decides which parts are removed from the Protecode backend after the scan