From 50f978a812d8eda857c2a8e001c74d8ee057f80b Mon Sep 17 00:00:00 2001 From: Olga Tikhomirova <85509260+missmesss@users.noreply.github.com> Date: Wed, 15 May 2024 18:29:59 -0700 Subject: [PATCH] creating secrets --- .../how-tos/configuring/creating-secrets.adoc | 51 ++++++++++++++++++- 1 file changed, 50 insertions(+), 1 deletion(-) diff --git a/docs/modules/ROOT/pages/how-tos/configuring/creating-secrets.adoc b/docs/modules/ROOT/pages/how-tos/configuring/creating-secrets.adoc index 594f83dc..ae8e3e8b 100644 --- a/docs/modules/ROOT/pages/how-tos/configuring/creating-secrets.adoc +++ b/docs/modules/ROOT/pages/how-tos/configuring/creating-secrets.adoc @@ -1 +1,50 @@ -= Creating secrets for your builds \ No newline at end of file += Creating secrets for your builds + +When you build your pipeline, you might want to add tasks that require **secrets** in order to access external resources. + +NOTE: One such task is the link:https://github.com/redhat-appstudio/build-definitions/tree/main/task/sast-snyk-check[sast-snyk-check] task that uses the third-party service link:https://snyk.io/[snyk] to perform static application security testing (SAST) as a part of the default {ProductName} pipeline. Use this procedure to upload your snyk.io token. Name the secret `sast_snyk_task` so that the snyk task in the {ProductName} pipeline will recognize it and use it. + +If you want to create an application using source code from GitLab, you need to add a GitLab access token to {ProductName} __before__ you create an application. For details, see <> below. + +.Procedure + +. In {ProductName}, from the left navigation menu, select **Secrets**. +. From the **Secrets** page, click **Add secret**. +. From the **Add secret** page, choose what stage of your application's development you want to create a secret for: **Build** or **Deployment**. +. Select a secret type: + * **Key/value secret** + * **Image pull secret** + * **Source secret** +. For **Secret name**, enter a unique name for your secret. +. Under **Key/value secret**, expand **Key/value 1**, then enter a key. +. For **Upload the file with value for your key or paste its contents**, do one of the following: + * Click **Upload** to browse to, select, and upload the file that contains your key value. + * Drag the file that contains your key value into the space under **Upload**. + * Paste the contents of the file that contains your key value into the space under **Upload**. + Click **Clear** to remove the contents of the space under **Upload**. +. Optional: Click **Add another key/value**. +. Optional: Under **Labels**, add a label to tag or provide more context for your secret. +. Click **Add secret**. + +== Creating secrets for apps sourced from GitLab + +Before you create an application using source code from GitLab, generate an access token for your GitLab repository and upload it to your {ProductName} namespace. + +.Procedure + +. In GitLab select your avatar, then select **Edit profile** > **Access Tokens** > **Add new token**. +. Select the following scopes: `api`, `read_repository`, and `write_repository`. +. Optional: If your GitLab instance supports setting token role, set a role to `Maintainer`. +. Select **Create personal access token**. +. Add a token to your {ProductName} namespace. + +[NOTE] +==== +* Each workspace can contain only one set of credentials for each Source Control Management (SCM) system, such as GitHub or GitLab. It means you can’t add two different tokens for a GitLab repository to a single workspace. + +* If you upload a GitLab access token to a workspace, {ProductName} won’t use the global GitHub application when accessing GitHub repositories. +==== + +.Additional resources + +For more information about GitLab access tokens, see link:https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html[Personal access tokens].