Secrets with Google Cloud Storage
This example uses a bucket (
mybucket) to store GitHub credentials and a kubeconfig file.
Authorize Spinnaker to access the GCS bucket
Since you’re storing sensitive information, make sure to protect the bucket by restricting access and enabling encryption.
Remember to run the Operator deployment (or Halyard’s daemon) and Spinnaker services with permissions to read that content.
Store your GitHub credentials in
github: password: <PASSWORD> token: <TOKEN>
Note: You can store the password under different keys than
github.token. To do so, change how you reference the secret.
Now that secrets are securely stored in the bucket, you reference them in your config files with the following format:
encrypted:gcs!b:<bucket>!f:<path to file>!k:<optional yaml key>
For example, to reference
github.password from the file above, use:
To reference the content of our kubeconfig file:
Was this page helpful?
Thank you for letting us know!
Sorry to hear that. Please tell us how we can improve.
Last modified December 10, 2021: (556c295)