43 lines
1.0 KiB
YAML
43 lines
1.0 KiB
YAML
apiVersion: tekton.dev/v1
|
|
kind: Task
|
|
metadata:
|
|
name: secret-home
|
|
spec:
|
|
params:
|
|
- name: subdirectory
|
|
type: string
|
|
description: Subdirectory within the repo where the source code is located
|
|
default: ""
|
|
|
|
- name: keys
|
|
type: array
|
|
description: Name of the key(s) to extract from the secret
|
|
|
|
workspaces:
|
|
- name: source
|
|
description: Workspace containing the cloned Git repository
|
|
|
|
steps:
|
|
- name: extract
|
|
image: alpine:3.21.3
|
|
workingDir: /workspace/source/$(params.subdirectory)
|
|
script: |
|
|
#!/bin/sh
|
|
set -e
|
|
apk add --no-cache rsync
|
|
|
|
for key in $(params.keys); do
|
|
echo "Copying $key"
|
|
target="/workspace/source/$(params.subdirectory)/___HOME___/$key"
|
|
mkdir -p "$(dirname "$target")"
|
|
rsync -R "/secrets/credentials/$key" "$(dirname "$target")"
|
|
done
|
|
volumeMounts:
|
|
- name: credentials
|
|
mountPath: /secrets/credentials
|
|
|
|
volumes:
|
|
- name: credentials
|
|
secret:
|
|
secretName: credentials
|