[
https://ovirt-jira.atlassian.net/browse/OVIRT-1867?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Barak Korren updated OVIRT-1867:
--------------------------------
Epic Link: (was: OVIRT-400)
> Allow embedded secrets inside the source repo for CI
> ----------------------------------------------------
>
> Key: OVIRT-1867
> URL: https://ovirt-jira.atlassian.net/browse/OVIRT-1867
> Project: oVirt - virtualization made easy
> Issue Type: New Feature
> Components: Standard CI (Pipelines), STDCI DSL
> Reporter: Roman Mohr
> Assignee: infra
> Labels: credentials
>
> In order to improve the self-service capabilities of standard-ci it is
> important for projects, that they can add their own secrets to projects (to
> reach external services, e.g. docker hub, ...).
> Travis has a very nice system which helps engineers there:
> https://docs.travis-ci.com/user/encryption-keys/
> Basically the CI system needs to generate a public/private key pair for
> every enabled git repo. The engineer simply fetches the public key via a
> well know URL and encrypts the secrets. Then the encrypted secret can be
> made part of the source repo. Before the tests are run the CI system
> decrypts the secrets. Than can play together pretty well with Jenkinsfiles
> too.
> Benefit:
> * Less manual intervention from CI team to add secrets to jobs
> * Strengthen the config-in-code thinking
--
This message was sent by Atlassian Jira
(v1001.0.0-SNAPSHOT#100087)
_______________________________________________
Infra mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/[email protected]/message/XCMSHYSTVDIPFOEZXLOY5K4KSZMCZBAI/
