I´m trying to download code from gitlab to kubernetes. I have created an ubuntu docker image.
Here is the yaml file. I have created a token from gitlab to download the rep. The problem is that i don´t know where to copy the gitlab token to allow kubernetes to download the code ??
apiVersion: v1
kind: Pod
metadata:
name: syncrepo-gitlab
spec:
containers:
- image: fake.eu.io/testseq-362663/ubuntu:latest
name: gitlab
volumeMounts:
- name: git-source
mountPath: /tmp/git
env:
- name: GIT_SYNC_REPO
value: https://myrep/scripts.git
- name: GIT_SYNC_DEST
value: git-sync
- name: GIT_SYNC_SSH
value: "true"
volumes:
- name: git-source
emptyDir: {}Option 1: Pass it directly as an environment variable:
env:
- name: GIT_DEPLOY_TOKEN_USERNAME
value: <deploy_token_username>
- name: GIT_DEPLOY_TOKEN_PASSWORD
value: <deploy_token_password>This is not recommended, because anyone that can see your Pod manifest will see your Gitlab token.
Option 2 Create a secret for the token and mount it to the pod.
kubectl create secret generic gitlab-deploy-token -–from-literal=username=<deploy_token_username> -–from-literal=password=<deploy_token_password>This will create an encoded secret in your k8s namespace.
To mount the secret:
- name: GITLAB_DEPLOY_TOKEN_USERNAME
valueFrom:
secretKeyRef:
name: gitlab-deploy-token
key: username
- name: GITLAB_DEPLOY_TOKEN_PASSWORD
valueFrom:
secretKeyRef:
name: gitlab-deploy-token
key: passwordNow, in your pod, you can:
git clone http://$GITLAB_DEPLOY_TOKEN_USERNAME:$GITLAB_DEPLOY_TOKEN_PASSWORD@gitlab.example.com/tanuki/awesome_project.gitNote: Special characters such as $, *, and ! require escaping. If the password you are using has special characters, you need to escape them using the \ character. For example, if your actual password is S!B*d$zDsb, you should execute the command this way: kubectl create secret generic dev-db-secret --from-literal=username=devuser --from-literal=password=S!B\*d\$zDsb You do not need to escape special characters in passwords from files (--from-file).