loafle/tekton-hub
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

init

Browse Source
This commit is contained in:
병준 박 2025-04-15 08:29:56 +00:00
parent 73210d1db7
commit 0fbff62627
7 changed files with 138 additions and 301 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
tasks/docker-registry/task.yaml
View File

@ -6,79 +6,53 @@ spec:
params: params:
- name: subdirectory - name: subdirectory
type: string type: string
description: Subdirectory within the repo where the source code is located
default: "" default: ""
description: Subdirectory within the repo where the source code is located
- name: imageName - name: imageName
description: Base image name with registry (e.g. docker.unbox-x.net/registry/unbox-x-aisi-cron-app)
type: string type: string
description: Base image name with registry (e.g. docker.unbox-x.net/registry/unbox-x-aisi-cron-app)
- name: tag - name: tag
description: Version tag to apply to the image (e.g. v0.2.0)
type: string type: string
description: Version tag to apply to the image (e.g. v0.2.0)
- name: dockerfile - name: dockerfile
description: Path to Dockerfile
type: string type: string
default: ./Dockerfile default: ./Dockerfile
description: Path to Dockerfile
- name: context - name: context
description: Build context path (relative to subdirectory)
type: string type: string
default: . default: .
description: Build context path (relative to subdirectory)
- name: kanikoArgs
description: arguments for kaniko
type: string
default: ""
workspaces: workspaces:
- name: source - name: source
description: Source code workspace description: Source code workspace
- name: docker-dot-credentials
- name: docker-auth description: Workspace containing config.json (as Secret)
description: Docker registry credentials (username + password)
results: results:
- name: imageUrl - name: imageUrl
description: Final pushed image URL with tag (e.g. registry/app:v0.2.0) description: Final pushed image URL with tag (e.g. registry/app:v0.2.0)
steps: steps:
- name: write-docker-config - name: prepare-docker-auth
image: alpine:3.21.3 image: alpine:3.21.3
workingDir: /workspace/source workingDir: /workspace/source/$(params.subdirectory)
script: | script: |
#!/bin/sh #!/bin/sh
set -e set -e
if [ -n "$(params.subdirectory)" ]; then echo "🔐 Copying docker .dockerconfigjson to /tekton/home/.docker"
cd "$(params.subdirectory)" mkdir -p /tekton/home/.docker
fi cp /workspace/docker-dot-credentials/.dockerconfigjson /tekton/home/.docker/config.json
echo "📦 UkanikoArgs: $(params.kanikoArgs)"
IMAGE="$(params.imageName):$(params.tag)" IMAGE="$(params.imageName):$(params.tag)"
USERNAME=$(cat /workspace/docker-auth/username)
PASSWORD=$(cat /workspace/docker-auth/password)
REGISTRY=$(echo "$IMAGE" | cut -d/ -f1)
AUTH=$(echo -n "$USERNAME:$PASSWORD" | base64)
echo "📦 Using image: $IMAGE" echo "📦 Using image: $IMAGE"
echo -n "$IMAGE" > /tekton/results/imageUrl echo -n "$IMAGE" > /tekton/results/imageUrl
echo "🔐 Writing Docker config for $REGISTRY..."
mkdir -p /tekton/home/.docker
cat <<EOF > /tekton/home/.docker/config.json
{
"auths": {
"$REGISTRY": {
"auth": "$AUTH"
}
}
}
EOF
- name: kaniko-build - name: kaniko-build
image: gcr.io/kaniko-project/executor:v1.23.2 image: gcr.io/kaniko-project/executor:v1.23.2
workingDir: $(workspaces.source.path)/$(params.subdirectory) workingDir: $(workspaces.source.path)/$(params.subdirectory)
@ -94,3 +68,8 @@ spec:
- --skip-tls-verify - --skip-tls-verify
- --verbosity=info - --verbosity=info
- --reproducible - --reproducible
{{- if $(params.kanikoArgs) }}
{{- range $arg := splitList " " "$(params.kanikoArgs)" }}
- {{ $arg }}
{{- end }}
{{- end }}

20
tasks/nodejs-nx-analysis/task.yaml
View File

@ -1,4 +1,3 @@
---
apiVersion: tekton.dev/v1 apiVersion: tekton.dev/v1
kind: Task kind: Task
metadata: metadata:
@ -22,13 +21,6 @@ spec:
workspaces: workspaces:
- name: source - name: source
description: Git-cloned source code with Nx monorepo description: Git-cloned source code with Nx monorepo
- name: npm-auth
optional: true
description: |
A workspace containing authentication credentials for a private npm repository.
Should include:
- username
- password
results: results:
- name: coverage-dir - name: coverage-dir
@ -39,27 +31,17 @@ spec:
steps: steps:
- name: lint-and-test - name: lint-and-test
image: $(params.nodejsImageName) image: $(params.nodejsImageName)
workingDir: /workspace/source workingDir: /workspace/source/$(params.subdirectory)
script: | script: |
#!/usr/bin/env bash #!/usr/bin/env bash
set -e set -e
export NX_SOCKET_DIR=/tmp/nx-socket export NX_SOCKET_DIR=/tmp/nx-socket
if [ -n "$(params.subdirectory)" ]; then
cd "$(params.subdirectory)"
fi
echo "🧩 Using pnpm via corepack" echo "🧩 Using pnpm via corepack"
corepack enable corepack enable
corepack prepare pnpm@8.15.4 --activate corepack prepare pnpm@8.15.4 --activate
echo "🔐 Checking for private npm credentials"
if [ -f /workspace/npm-auth/.npmrc ]; then
echo "✅ Found .npmrc"
cp /workspace/npm-auth/.npmrc ~/.npmrc
fi
echo "📦 Installing dependencies with pnpm" echo "📦 Installing dependencies with pnpm"
pnpm install --frozen-lockfile pnpm install --frozen-lockfile

77
tasks/pybuild/task.yaml
View File

@ -6,104 +6,69 @@ spec:
params: params:
- name: subdirectory - name: subdirectory
type: string type: string
description: Subdirectory within the repo where the source code is located
default: "" default: ""
description: Subdirectory within the repo where the source code is located
- name: pythonImageName - name: pythonImageName
type: string type: string
description: Python version to use (e.g., 3.9, 3.11)
default: "python:3.11-slim" default: "python:3.11-slim"
description: Python version to use
- name: pypi-username
type: string
description: PyPI username (fallback)
default: ""
- name: pypi-password
type: string
description: PyPI password or token (fallback)
default: ""
workspaces: workspaces:
- name: source - name: source
description: Workspace containing the cloned Git repository from git-clone-checkout description: Workspace containing the cloned Git repository
- name: pypi-auth
optional: true
description: |
A workspace containing authentication credentials for a private PyPI repository.
Should include:
- username
- password
results: results:
- name: build-artifact-path - name: build-artifact-path
description: Path to the built artifact directory (e.g., dist/) description: Path to the built artifact directory (e.g., dist/)
steps: steps:
- name: install-dependencies - name: build-package
image: $(params.pythonImageName) image: $(params.pythonImageName)
workingDir: /workspace/source workingDir: /workspace/source/$(params.subdirectory)
env:
- name: HOME
value: /workspace/source/$(params.subdirectory)/___HOME___
script: | script: |
#!/usr/bin/env bash #!/usr/bin/env bash
set -e set -e
if [ -n "$(params.subdirectory)" ]; then echo "🔧 Installing base tools..."
cd "$(params.subdirectory)"
fi
PYPI_USER="$(params.pypi-username)"
PYPI_PASS="$(params.pypi-password)"
if [ -f /workspace/pypi-auth/username ]; then
PYPI_USER=$(cat /workspace/pypi-auth/username)
fi
if [ -f /workspace/pypi-auth/password ]; then
PYPI_PASS=$(cat /workspace/pypi-auth/password)
fi
echo "🔧 Installing dependencies..."
pip install --upgrade pip --root-user-action=ignore pip install --upgrade pip --root-user-action=ignore
# Poetry 프로젝트 처리
if [ -f pyproject.toml ]; then if [ -f pyproject.toml ]; then
echo "[INFO] Poetry project detected" echo "[INFO] Poetry project detected"
pip install poetry tomli --root-user-action=ignore pip install poetry --root-user-action=ignore
REPO_NAME=$(python3 -c 'import tomli; print(tomli.load(open("pyproject.toml", "rb"))["tool"]["poetry"]["source"][0]["name"])') poetry lock --no-update || echo "[WARN] poetry lock skipped"
REPO_URL=$(python3 -c 'import tomli; print(tomli.load(open("pyproject.toml", "rb"))["tool"]["poetry"]["source"][0]["url"])') poetry install --no-root || echo "[WARN] poetry install skipped"
echo "[INFO] Configuring poetry source '$REPO_NAME' → $REPO_URL" echo "📦 Building with Poetry..."
poetry config virtualenvs.in-project true
poetry config repositories."$REPO_NAME" "$REPO_URL"
poetry config http-basic."$REPO_NAME" "$PYPI_USER" "$PYPI_PASS"
poetry lock --no-cache --regenerate
poetry install
echo "📦 Building package with Poetry..."
poetry build poetry build
elif [ -f requirements.txt ] && [ -f setup.py ]; then # setup.py 기반 빌드
elif [ -f setup.py ] && [ -f requirements.txt ]; then
echo "[INFO] setup.py project detected" echo "[INFO] setup.py project detected"
pip install -r requirements.txt --root-user-action=ignore pip install -r requirements.txt --root-user-action=ignore
pip install build --root-user-action=ignore pip install build --root-user-action=ignore
echo "📦 Building package with build module..." echo "📦 Building with Python Build module..."
python -m build python -m build
else else
echo "[ERROR] No valid build configuration found (pyproject.toml or setup.py required)" echo " No valid build configuration found (pyproject.toml or setup.py required)"
exit 1 exit 1
fi fi
echo "📂 Verifying built artifacts..." echo "📂 Checking built artifacts..."
BUILD_PATH="/workspace/source/$(params.subdirectory)/dist" BUILD_PATH="/workspace/source/$(params.subdirectory)/dist"
echo -n "$BUILD_PATH" > /tekton/results/build-artifact-path echo -n "$BUILD_PATH" > /tekton/results/build-artifact-path
if [ -d "$BUILD_PATH" ] && [ -n "$(ls -A $BUILD_PATH)" ]; then if [ -d "$BUILD_PATH" ] && [ -n "$(ls -A "$BUILD_PATH")" ]; then
echo "✅ Build artifacts created in $BUILD_PATH:" echo "✅ Build artifacts created in $BUILD_PATH:"
ls -l "$BUILD_PATH" ls -l "$BUILD_PATH"
else else
echo "❌ No build artifacts found in $BUILD_PATH" echo "❌ No artifacts found in $BUILD_PATH"
exit 1 exit 1
fi fi

94
tasks/pylint/task.yaml
View File

@ -11,7 +11,7 @@ spec:
- name: pythonImageName - name: pythonImageName
type: string type: string
description: Python version to use (e.g., 3.9, 3.11) description: Python version to use (e.g., python:3.11-slim)
default: "python:3.11-slim" default: "python:3.11-slim"
- name: pylint-args - name: pylint-args
@ -19,86 +19,72 @@ spec:
description: Additional arguments for pylint (e.g., --fail-under=8) description: Additional arguments for pylint (e.g., --fail-under=8)
default: "" default: ""
- name: pypi-username - name: fail-on-lint
type: string type: string
description: PyPI username (fallback) default: "false"
default: "" description: |
If true, the step will exit with a failure code if pylint reports issues.
Otherwise, it will always exit 0.
- name: pypi-password results:
type: string - name: pylint-exit-code
description: PyPI password or token (fallback) description: Exit code returned by pylint (0=clean, non-zero=issues)
default: ""
workspaces: workspaces:
- name: source - name: source
description: Workspace containing the cloned Git repository from git-clone-checkout description: Workspace containing the cloned Git repository
- name: pypi-auth
optional: true
description: |
A workspace containing authentication credentials for a private PyPI repository.
Should include:
- username
- password
steps: steps:
- name: install-dependencies - name: run-pylint
image: $(params.pythonImageName) image: $(params.pythonImageName)
workingDir: /workspace/source workingDir: /workspace/source/$(params.subdirectory)
env:
- name: HOME
value: /workspace/source/$(params.subdirectory)/___HOME___
script: | script: |
#!/usr/bin/env bash #!/usr/bin/env bash
set -e set -e
if [ -n "$(params.subdirectory)" ]; then
cd "$(params.subdirectory)"
fi
PYPI_USER="$(params.pypi-username)"
PYPI_PASS="$(params.pypi-password)"
if [ -f /workspace/pypi-auth/username ]; then
PYPI_USER=$(cat /workspace/pypi-auth/username)
fi
if [ -f /workspace/pypi-auth/password ]; then
PYPI_PASS=$(cat /workspace/pypi-auth/password)
fi
echo "🔧 Installing dependencies..." echo "🔧 Installing dependencies..."
pip install --upgrade pip --root-user-action=ignore pip install --upgrade pip --root-user-action=ignore
if [ -f pyproject.toml ]; then if [ -f pyproject.toml ]; then
echo "[INFO] Poetry project detected" echo "[INFO] Poetry project detected"
pip install poetry tomli --root-user-action=ignore pip install poetry --root-user-action=ignore
poetry lock --no-update
REPO_NAME=$(python3 -c 'import tomli; print(tomli.load(open("pyproject.toml", "rb"))["tool"]["poetry"]["source"][0]["name"])') poetry install --with dev
REPO_URL=$(python3 -c 'import tomli; print(tomli.load(open("pyproject.toml", "rb"))["tool"]["poetry"]["source"][0]["url"])')
echo "[INFO] Configuring poetry source '$REPO_NAME' → $REPO_URL"
poetry config virtualenvs.in-project true
poetry config repositories."$REPO_NAME" "$REPO_URL"
poetry config http-basic."$REPO_NAME" "$PYPI_USER" "$PYPI_PASS"
poetry lock --no-cache --regenerate
poetry install
poetry add pylint --group dev
elif [ -f requirements.txt ]; then elif [ -f requirements.txt ]; then
echo "[INFO] Pip project detected" echo "[INFO] Pip project detected"
pip install -r requirements.txt --root-user-action=ignore pip install -r requirements.txt --root-user-action=ignore
pip install pylint --root-user-action=ignore
else else
echo "[INFO] No dependency file found, installing pylint only" echo "[INFO] No dependency file found"
pip install pylint --root-user-action=ignore
fi fi
echo "🧪 Running Pylint..." echo "✅ Installing pylint..."
pip install pylint --root-user-action=ignore || poetry add --dev pylint || echo "[WARN] Pylint 설치 실패"
echo "🧪 Running Pylint (JSON report)..."
set +e set +e
REPORT_FILE="/workspace/source/pylint-report.json"
if [ -f pyproject.toml ]; then if [ -f pyproject.toml ]; then
poetry run pylint $(params.pylint-args) . poetry run pylint $(params.pylint-args) --output-format=json . > "$REPORT_FILE"
else else
pylint $(params.pylint-args) . pylint $(params.pylint-args) --output-format=json . > "$REPORT_FILE"
fi fi
PYLINT_EXIT_CODE=$? PYLINT_EXIT_CODE=$?
set -e set -e
echo "✅ Pylint execution completed with exit code: $PYLINT_EXIT_CODE" echo "$PYLINT_EXIT_CODE" > /tekton/results/pylint-exit-code
exit 0 # 항상 성공 처리 (원래 onError: continue 효과) echo "📄 Pylint exit code: $PYLINT_EXIT_CODE"
echo "📦 Report saved to $REPORT_FILE"
head -n 10 "$REPORT_FILE" || echo "[WARN] Empty report"
if [ "$(params.fail-on-lint)" = "true" ] && [ "$PYLINT_EXIT_CODE" -ne 0 ]; then
echo "❌ Pylint failed and fail-on-lint=true"
exit $PYLINT_EXIT_CODE
fi
echo "✅ Task succeeded regardless of lint result"
exit 0

48
tasks/pypi/task.yaml
View File

@ -13,16 +13,6 @@ spec:
description: Python version to use (e.g., 3.9, 3.11) description: Python version to use (e.g., 3.9, 3.11)
default: "python:3.11-slim" default: "python:3.11-slim"
- name: pypi-username
type: string
description: PyPI username (fallback)
default: ""
- name: pypi-password
type: string
description: PyPI password or token (fallback)
default: ""
- name: pypi-hosted-url - name: pypi-hosted-url
type: string type: string
description: PyPI repository URL for upload description: PyPI repository URL for upload
@ -31,54 +21,28 @@ spec:
workspaces: workspaces:
- name: source - name: source
description: Workspace containing the built artifacts description: Workspace containing the built artifacts
- name: pypi-auth
optional: true
description: |
A workspace containing:
- username
- password
steps: steps:
- name: upload-to-pypi - name: upload-to-pypi
image: $(params.pythonImageName) image: $(params.pythonImageName)
workingDir: /workspace/source workingDir: /workspace/source
env:
- name: HOME
value: /workspace/source/___HOME___
script: | script: |
#!/usr/bin/env bash #!/usr/bin/env bash
set -e set -e
TWINE_USERNAME="$(params.pypi-username)"
TWINE_PASSWORD="$(params.pypi-password)"
HOSTED_URL="$(params.pypi-hosted-url)" HOSTED_URL="$(params.pypi-hosted-url)"
if [ -f /workspace/pypi-auth/username ]; then echo "📦 Installing tools..."
TWINE_USERNAME=$(cat /workspace/pypi-auth/username)
fi
if [ -f /workspace/pypi-auth/password ]; then
TWINE_PASSWORD=$(cat /workspace/pypi-auth/password)
fi
pip install --upgrade pip --root-user-action=ignore pip install --upgrade pip --root-user-action=ignore
pip install poetry twine --root-user-action=ignore pip install poetry tomli twine --root-user-action=ignore
# poetry 설정이 필요한 경우 pyproject.toml 분석
if [ -f pyproject.toml ]; then
echo "[INFO] Using Poetry to install dependencies"
pip install poetry tomli --root-user-action=ignore
REPO_NAME=$(python3 -c 'import tomli; print(tomli.load(open("pyproject.toml", "rb"))["tool"]["poetry"]["source"][0]["name"])')
REPO_URL=$(python3 -c 'import tomli; print(tomli.load(open("pyproject.toml", "rb"))["tool"]["poetry"]["source"][0]["url"])')
echo "[INFO] Configuring poetry source '$REPO_NAME' → $REPO_URL"
poetry config virtualenvs.in-project true
poetry config repositories."$REPO_NAME" "$REPO_URL"
poetry config http-basic."$REPO_NAME" "$TWINE_USERNAME" "$TWINE_PASSWORD"
fi
echo "[INFO] Uploading artifacts to $HOSTED_URL" echo "[INFO] Uploading artifacts to $HOSTED_URL"
twine upload \ twine upload \
--repository-url "$HOSTED_URL" \ --repository-url "$HOSTED_URL" \
--username "$TWINE_USERNAME" \
--password "$TWINE_PASSWORD" \
"$(params.build-artifact-path)"/* "$(params.build-artifact-path)"/*
echo "[INFO] ✅ Upload to PyPI complete" echo "[INFO] ✅ Upload to PyPI complete"

121
tasks/pytest/task.yaml
View File

@ -14,93 +14,58 @@ spec:
description: Python version to use (e.g., 3.9, 3.11) description: Python version to use (e.g., 3.9, 3.11)
default: "python:3.11-slim" default: "python:3.11-slim"
- name: pypi-username
type: string
description: PyPI username (fallback)
default: ""
- name: pypi-password
type: string
description: PyPI password or token (fallback)
default: ""
workspaces: workspaces:
- name: source - name: source
description: Workspace containing the cloned Git repository from git-clone-checkout description: Workspace containing the cloned Git repository from git-clone-checkout
- name: pypi-auth
optional: true
description: |
A workspace containing authentication credentials for a private PyPI repository.
Should include:
- username
- password
steps: steps:
- name: install-dependencies - name: install-dependencies
image: $(params.pythonImageName) image: $(params.pythonImageName)
workingDir: /workspace/source workingDir: /workspace/source/$(params.subdirectory)
script: | env:
#!/usr/bin/env bash - name: HOME
set -e value: /workspace/shared/$(params.subdirectory)/___HOME___
script: |
#!/usr/bin/env bash
set -e
if [ -n "$(params.subdirectory)" ]; then echo "HOME=$HOME"
cd "$(params.subdirectory)" echo "🔧 Installing dependencies..."
fi
PYPI_USER="$(params.pypi-username)" pip install --upgrade pip --root-user-action=ignore
PYPI_PASS="$(params.pypi-password)" pip install pytest --root-user-action=ignore
if [ -f /workspace/pypi-auth/username ]; then if [ -f pyproject.toml ]; then
PYPI_USER=$(cat /workspace/pypi-auth/username) echo "[INFO] Poetry project detected"
fi pip install poetry --root-user-action=ignore
if [ -f /workspace/pypi-auth/password ]; then
PYPI_PASS=$(cat /workspace/pypi-auth/password)
fi
echo "[INFO] Using pre-configured poetry settings from $HOME/.config/pypoetry/"
poetry lock --no-cache --no-update
poetry install
elif [ -f requirements.txt ]; then
echo "[INFO] Using pip to install dependencies"
pip install -r requirements.txt --root-user-action=ignore
else
echo "[WARN] No dependency file found"
fi
echo "🔧 Installing dependencies..." echo "🧪 Running tests..."
pip install --upgrade pip --root-user-action=ignore set +e
pip install pytest --root-user-action=ignore if [ -f pyproject.toml ]; then
poetry run pytest --verbose --junitxml=/workspace/source/pytest-results.xml
else
pytest --verbose --junitxml=/workspace/source/pytest-results.xml
fi
TEST_EXIT_CODE=$?
set -e
if [ -f pyproject.toml ]; then echo "📄 Checking test results..."
echo "[INFO] Poetry project detected" if [ -f /workspace/source/pytest-results.xml ]; then
pip install poetry tomli --root-user-action=ignore echo "Test results:"
cat /workspace/source/pytest-results.xml
else
echo "❌ No test results found"
exit 1
fi
REPO_NAME=$(python3 -c 'import tomli; print(tomli.load(open("pyproject.toml", "rb"))["tool"]["poetry"]["source"][0]["name"])') exit $TEST_EXIT_CODE
REPO_URL=$(python3 -c 'import tomli; print(tomli.load(open("pyproject.toml", "rb"))["tool"]["poetry"]["source"][0]["url"])')
echo "[INFO] Configuring poetry source '$REPO_NAME' → $REPO_URL"
poetry config virtualenvs.in-project true
poetry config repositories."$REPO_NAME" "$REPO_URL"
poetry config http-basic."$REPO_NAME" "$PYPI_USER" "$PYPI_PASS"
poetry lock --no-cache --regenerate
poetry install
elif [ -f requirements.txt ]; then
echo "[INFO] Using pip to install dependencies"
pip install -r requirements.txt --root-user-action=ignore
else
echo "[WARN] No dependency file found"
fi
echo "🧪 Running tests..."
set +e
if [ -f pyproject.toml ]; then
poetry run pytest --verbose --junitxml=/workspace/source/pytest-results.xml
else
pytest --verbose --junitxml=/workspace/source/pytest-results.xml
fi
TEST_EXIT_CODE=$?
set -e
echo "📄 Checking test results..."
if [ -f /workspace/source/pytest-results.xml ]; then
echo "Test results:"
cat /workspace/source/pytest-results.xml
else
echo "❌ No test results found"
exit 1
fi
exit $TEST_EXIT_CODE

24
tasks/secret-home/task.yaml
View File

@ -14,29 +14,25 @@ spec:
description: Name of the key(s) to extract from the secret description: Name of the key(s) to extract from the secret
workspaces: workspaces:
- name: source - name: shared
description: Workspace containing the cloned Git repository description: Workspace containing the cloned Git repository
- name: secret
description: Secret data from workspace
steps: steps:
- name: extract - name: extract
image: alpine:3.21.3 image: alpine:3.21.3
workingDir: /workspace/source/$(params.subdirectory) workingDir: /workspace/shared/$(params.subdirectory)
script: | script: |
#!/bin/sh #!/bin/sh
set -e set -e
apk add --no-cache rsync apk add --no-cache coreutils
for key in $(params.keys); do for key in $(params.keys); do
echo "Copying $key" echo "encoding $key"
target="/workspace/source/$(params.subdirectory)/___HOME___/$key" key_decoded=$(echo "$key" | sed 's/__/\//g')
echo "decoding $key_decoded"
target="/workspace/shared/$(params.subdirectory)/___HOME___/$key_decoded"
mkdir -p "$(dirname "$target")" mkdir -p "$(dirname "$target")"
rsync -R "/secrets/credentials/$key" "$(dirname "$target")" cp "/secrets/credentials/$key" "$target"
done done
volumeMounts:
- name: credentials
mountPath: /secrets/credentials
volumes:
- name: credentials
secret:
secretName: credentials