Secrets are Kubernetes objects that are used for storing sensitive data such as username and passwords with encryption. If you need to add a custom secret in a custom init or sidecar container, use the section for defining custom secrets in the values.yaml
file (by default this section is commented out).
Artifactory
artifactory: # Add custom secrets - secret per file customSecrets: - name: custom-secret key: custom-secret.yaml data: > secret data
Xray
common: # Add custom secrets - secret per file customSecrets: - name: custom-secret key: custom-secret.yaml data: > secret data
Insight
common: # Add custom secrets - secret per file customSecrets: - name: custom-secret key: custom-secret.yaml data: > secret data
Distribution
distribution: # Add custom secrets - secret per file customSecrets: - name: custom-secret key: custom-secret.yaml data: > secret data
Pipelines
pipelines: # Add custom secrets - secret per file customSecrets: - name: custom-secret key: custom-secret.yaml data: > secret data
To use a custom secret, you need to define a custom volume.
The following example shows how to define a custom volume in Artifactory.
Artifactory
artifactory: ## Add custom volumes customVolumes: | - name: custom-secret secret: secretName: custom-secret
To use a volume, you will need to define a volume mount as part of a custom init or sidecar container.
The following example shows how to define a volume mount as part of a sidecar container in Artifactory.
Artifactory
artifactory: customSidecarContainers: - name: side-car-container volumeMounts: - name: custom-secret mountPath: /opt/custom-secret.yaml subPath: custom-secret.yaml readOnly: true
You can configure the sidecar to run as a custom user by setting the following in the container template.
# Example of running container as root (id 0) securityContext: runAsUser: 0 fsGroup: 0